• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • March 3rd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Cyber Crime
Phishing Scam

“Wire bank transfer” malware phishing scam hits SWIFT banking system

February 21st, 2018 Waqas Cyber Crime, Phishing Scam, Scams and Fraud 0 comments
“Wire bank transfer” malware phishing scam hits SWIFT banking system
Share on FacebookShare on Twitter

Hackers are becoming persistent in phishing scams against banking and cryptocurrency exchanges since they are lucrative targets. In the last couple of years, hackers have tricked several unsuspecting users and stole millions with tricky and sophisticated phishing scams.

Now, the IT security researchers at Comodo Labs have discovered a new phishing scam targeting SWIFT financial messaging service. But this time, the scam does not only aim at stealing banking credentials but also infects victims computers with Adwind RAT (Remote access tool).

Adwind RAT was first discovered in 2015 targeting Android, macOS, Linux and Windows devices. In the latest phishing scam, the malware targets Windows-based devices. According to Comodo Threat Research Lab analysts, an email is being circulated around the Internet which alerts users that a wire bank transfer has initiated to their account and in order to check details they need to click an attachment file.

A screenshot shared by Comodo Labs in their blog post shows the content of the phishing email:

"Wire bank transfer" malware phishing scam hits SWIFT banking system

In reality, the attachment contains Adwind malware capable of exfiltrating data from the compromised device and dropping backdoor which allows hackers to infect the device with additional malware. Moreover, the malware modifies the system registry, tries to kill anti-virus and anti-adware programs on the device to avoid detection.

It then installs malicious executable files on the device and connects itself with a dark web domain on the Tor network. Additionally, Comodo researchers noted that Adwind malware also disables Windows restore option and turns off the User Account Control.

The purpose of this phishing scam is to spy on users and steal money since SWIFT (Society for Worldwide Interbank Financial Telecommunication) lets users send and receive information about financial transactions in a secure environment and target of it can be an unsuspecting user, a banking or financial institution and their employees. 

“As we see, cybercriminals more and more often use finance-related topics as a bait to make users download malware and infect an enterprise’s network,” said Fatih Orhan, head of Comodo Threat Research Lab. “They combine technical and human patterns as an explosive combination for breaking down the door to let the malware in. But it only works if the company has been careless about the right defense of that door”.

There are currently millions of users in 200 countries using SWIFT financial messaging services including 11,000 banks, security organizations, business institutions and corporate customers. Therefore, if you are one of them avoid opening emails sent from an unknown party, do not click on links or download/open attachment from such emails. However, in an event, you have downloaded a file make sure to scan it on VirusTotal, an online scanner for malicious files powered by top cybersecurity giants.

Here are some quick tips for users to understand how phishing scam works and how you can avoid being scammed.

  • Tags
  • Adwind
  • Android
  • Cyber Crime
  • Fraud
  • Linux
  • Malware
  • Phishing
  • RAT
  • Scam
  • SWIFT
  • Windows
Facebook Twitter LinkedIn Pinterest
Previous article Hackers Compromise Tesla Cloud Server to Mine Cryptocurrency
Next article Coldroot Mac Malware Silently Performs System-Wide Keylogging
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Hackers hit Microsoft Exchange Server to steal email data

Hackers hit Microsoft Exchange Server to steal email data

Crypto firm Tether claims hackers have demanded $24m in ransom

Crypto firm Tether claims hackers have demanded $24m in ransom

Botnet Abusing Bitcoin Blockchain To Evade Detection

Botnet Abusing Bitcoin Blockchain To Evade Detection

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Flaw allowed bypassing verification code, log in to any Microsoft account
Microsoft

Flaw allowed bypassing verification code, log in to any Microsoft account

Hackers hit Microsoft Exchange Server to steal email data
Cyber Crime

Hackers hit Microsoft Exchange Server to steal email data

Gootloader exploits websites via SEO to spread ransomware, trojans
Security

Gootloader exploits websites via SEO to spread ransomware, trojans

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us