Finance Report: Who Targets Financial Institutions?
Essential information
- Published
- 20/02/2025 20:48
- Modified
- 21/02/2025 15:30
- Tags
- 2025-02-20 apt banking trojans catb cybercrime edrkillshifter financial sector golddigger golddiggerplus goldkefu goldpickaxe initial access brokers jsoutprox phishing ransomhub ransomware rustbucket sneaky 2fa state-sponsored threats tradertraitor tycoon 2fa
- Related entities
- 20 techniques (mitre), 12 malware, 19 others
Description
This report provides an overview of key cybercrime and state-sponsored threat actors targeting the financial sector in 2024. It highlights the critical role of Initial Access Brokers in enabling large-scale attacks, the persistent threat of ransomware and extortion groups, and the increasing sophistication of banking malware campaigns. The report also examines the rise of Phishing-as-a-Service models and their impact on financial institutions. Additionally, it explores state-sponsored Advanced Persistent Threats (APTs) targeting the sector, including North Korean groups focused on bypassing sanctions, and the growing collaboration between APTs and cybercriminal operators. The analysis covers the actors' motivations, victimology, infection vectors, and tools used in their campaigns against financial entities.