Tag: financial

Visa warns of new JSOutProx malware variant targeting financial orgs
News

Visa warns of new JSOutProx malware variant targeting financial orgs

Visa is alerting users to an increase in JsOutProx malware detections, which is aimed at financial institutions and their clients. Visa's Payment Fraud Disruption (PDF) team sent a security alert to card issuers, processors, and acquirers on March 27, 2024, which BleepingComputer was able to view. According to the alert, Visa learned about a new phishing operation that was disseminating the remote access trojan on that day. Financial institutions throughout Africa, the Middle East, and South and Southeast Asia were the target audience for this campaign. JsOutProx is a highly obfuscated JavaScript backdoor and remote access trojan (RAT) that was first discovered in December 2019. Its operators can run shell commands, download more payloads, execute files, take screenshots, establi...
Bluebottle Cybercrime Group Preys on Financial Sector in French-Speaking African Nations
Risk, Security

Bluebottle Cybercrime Group Preys on Financial Sector in French-Speaking African Nations

A series of targeted attacks against the financial sector in Francophone nations in Africa from at least July 2022 to September 2022 have been connected to the cybercrime organisation known as Bluebottle. The Hacker News received a report from Symantec, a division of Broadcom Software. "The organisation makes considerable use of living-off-the-land, dual use tools, and commodity malware, with no unique malware deployed in this campaign," the report stated. The cybersecurity company claimed that the activity aligns with a threat cluster known as OPERA1ER, which between 2018 and 2022 launched hundreds of assaults on banks, financial services providers, and telecom firms in Africa, Asia, and Latin America. The toolset employed, the attack infrastructure, the lack of custom malware, ...