Bank of America has started to restore missing Zelle transactions that suddenly disappeared from customers’ bank accounts this morning, causing some to dip into negative balances. The outage began at approximately 7 AM ET today, with BoA customers suddenly finding their account balances had decreased after recent Zelle transactions disappeared. This led to reports on DownDetector, Reddit, and Twitter from hundreds of customers missing their Zelle transactions.
Ransomware cyber-gangs made about $456.8 million in 2022. It sounds like a lot of money until you compare it to the record estimated profits from 2021: $765 million. All told, hackers managed to extort 40% less from their victims this past year, vs. the year before, according to a new report from Chainalysis published Thursday. But that drop in profit doesn’t mean the number of ransomware attacks—in which bad actors demand payment in exchange for stolen and encrypted data—is down by the same proportion, the analysis notes. “Instead, we believe that much of the decline is due to victim organizations increasingly refusing to pay.”
PayPal is sending out breach notification letters to nearly 35,000 customers after a December 6 credential stuffing attack allowed hackers to access names, addresses, Social Security Numbers, individual tax identification numbers and dates of birth. The company reported the breach, which occurred from December 6 to December 8, to Maine’s Attorney General. On December 20, PayPal confirmed that hackers used credential stuffing attacks to gain access to personal data and financial information. A credential stuffing attack is when hackers take username and password combinations leaked through data breaches and attempt to use them at other online services, hoping that some people reused credentials across different sites.
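
A defender can spot the pattern described above in login records: one source trying many different accounts a couple of times each, with most attempts failing. The following is an added example, not code from PayPal or the cited reports; the log format, thresholds, usernames and documentation-range IP addresses are all assumptions constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumed sliding window
MIN_ACCOUNTS = 5                # assumed: distinct usernames from one source
MAX_TRIES_PER_ACCOUNT = 2       # assumed: leaked pairs are tried once or twice
MIN_FAIL_RATIO = 0.8            # assumed: most reused pairs fail

# Constructed sample log: "timestamp source_ip username OK|FAIL"
SAMPLE_LOG = """\
2022-12-06T09:00:00 198.51.100.20 carol OK
2022-12-06T09:00:05 203.0.113.7 alice FAIL
2022-12-06T09:00:06 203.0.113.7 bob FAIL
2022-12-06T09:00:07 203.0.113.7 carol FAIL
2022-12-06T09:00:08 203.0.113.7 dave OK
2022-12-06T09:00:09 203.0.113.7 erin FAIL
2022-12-06T09:00:10 203.0.113.7 frank FAIL
2022-12-06T09:01:00 192.0.2.44 grace FAIL
2022-12-06T09:01:05 192.0.2.44 grace FAIL
2022-12-06T09:01:09 192.0.2.44 grace FAIL
2022-12-06T09:01:30 192.0.2.44 grace OK
"""

def parse(log):
    for line in log.splitlines():
        ts, ip, user, result = line.split()
        yield datetime.fromisoformat(ts), ip, user, result == "OK"

def detect_stuffing(log):
    """Map each flagged source IP to the accounts it logged in to successfully."""
    by_ip = defaultdict(list)
    for event in sorted(parse(log)):
        by_ip[event[1]].append(event)
    report = {}
    for ip, events in by_ip.items():
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > WINDOW:
                start += 1  # slide the window forward
            window = events[start:end + 1]
            tries = Counter(user for _, _, user, _ in window)
            fail_ratio = sum(not ok for *_, ok in window) / len(window)
            if (len(tries) >= MIN_ACCOUNTS and fail_ratio >= MIN_FAIL_RATIO
                    and max(tries.values()) <= MAX_TRIES_PER_ACCOUNT):
                report[ip] = sorted({u for _, _, u, ok in events if ok})
                break
    return report

print(detect_stuffing(SAMPLE_LOG))
```

The accounts listed for a flagged source are the ones to treat as exposed and force through a password reset; the repeated tries against a single username from 192.0.2.44 are a different pattern and are deliberately not matched by this check.
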
T-Mobile disclosed a new data breach after a threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts through one of its Application Programming Interfaces (APIs). An API is a software interface or mechanism commonly used by applications or computers to communicate with each other. Many online web services use APIs so that their online apps or external partners can retrieve internal data as long as they pass the right authentication tokens.
Researchers have uncovered a malicious Android app that can tamper with the wireless router the infected phone is connected to and force the router to send all network devices to malicious sites. The malicious app, found by Kaspersky, uses a technique known as DNS (Domain Name System) hijacking. Once the app is installed, it connects to the router and attempts to log in to its administrative account by using default or commonly used credentials, such as admin:admin. When successful, the app then changes the DNS server to a malicious one controlled by the attackers. From then on, devices on the network can be directed to imposter sites that mimic legitimate ones but spread malware or log user credentials or other sensitive information.