New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

Cybercriminals Exploit SVB Collapse to Steal Money and Data

The failure of Silicon Valley Bank (SVB) on March 10, 2023, has caused instability throughout the whole global financial system, but for hackers, con artists, and phishing schemes, it’s turning into a fantastic opportunity. Security researcher Johannes Ulrich reported on March 13th, 2023, that threat actors are jumping at the opportunity, registering suspicious domains related to SVB that are very likely to be used in attacks. These operations seek to defraud targets by stealing money, account information, or installing malware.

SVB was a commercial bank established in the United States, the 16th largest in the country, and the largest bank by deposits in Silicon Valley, California. The bank failed on March 10, 2023, as a result of a run on its deposits. This failure was the second biggest in American history and the greatest bank failure since the financial crisis of 2007–2008. Several companies and individuals who used SVB’s services have been impacted by this incident, including those in the technology, life science, healthcare, private equity, venture capital, and luxury wine industries.

Ulrich hypothesized that criminals would try to get in touch with former SVB customers and offer them a support package, legal counsel, loans, or other phony services related to the bank’s failure. As he predicted, this angle of attack has now been seen in the wild.

Analyst Notes

The wisest course of action for former SVB customers is to maintain composure and adhere to the FDIC’s and the U.S. government’s established communication channels.

Avoid emails from strange websites and double-check any requests for bank account changes or payments in regards to SVB accounts.

Any requests for changes or payments should be verified with a direct communication using a phone call instead of email. Email accounts may be compromised, and all requests should be verified to be legitimate before conducting business.

https://www.bleepingcomputer.com/news/security/cybercriminals-exploit-svb-collapse-to-steal-money-and-data/