New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Pakistani Bank Attack

A Pakistani bank has suffered one of the greatest digital assaults in the nation’s history. The security breach initially became known on October 27th when clients of the bank received automated messages stating that their cards were being utilized in various nations. The bank denied that any information theft had occurred. Nonetheless, late on Sunday night, an alarm for all banks was issued by the State Bank of Pakistan. A Bank Islami account holder, anonymously confirmed that he received a message telling him that his card had been used at an ATM in Russia. “A message notified me that somebody used my card somewhere in Russia, I immediately approached the bank’s helpline but the official simply did not believe my words and blamed me for the leak of particulars saying that I might have shared my bank account details with a friend or relative.” The bank is denying claims that $6 million was stolen and says the number is only at 2.6 million Pakistani rupees ($19,641 USD), which they claim has been recredited to customer accounts.

Analyst Notes

Data breach victims are advised to determine what information was compromised and to change all passwords that could have been accessed. After that is done, it is recommended to contact financial companies and credit bureaus to see if they have any additional information. To prevent personal information from being used maliciously, it is suggested to use a credit and/or identity monitoring service as well as closing accounts that could have been accessed.