Skip to main content
March 15, 2016

AppSec News Roundup: March 15, 2016

Bangladesh Central Bank Chief Resigns After Funds Stolen by Hackers

In the latest development on the Bangladesh hack, Atiur Rahman, governor of the bank, resigned Tuesday after more than $100 million was stolen from the bank's account at the Federal Reserve Bank of New York last month.

The WSJ reports, "Finance Minister Abul Maal Abdul Muhith said Tuesday that Mr. Rahman resigned over the theft, in which hackers transferred $81 million from the New York Fed to bank accounts in the Philippines. Another $20 million went to a Sri Lankan bank, according to Subhankar Saha, a spokesman for Bangladesh Bank. That transfer was later reversed by Sri Lanka’s central bank."

"In Dhaka, central bank governor Atiur Rahman said he had resigned to set an example in a country where there is little precedence of accountability and to uphold the image of the institution. The government also fired two deputy governors of the bank, Finance Minister Abul Maal Abdul Muhith said, days after blaming it for keeping the government in the dark about the theft," adds Reuters

Chinese Hackers Turn to Ransomware Attacks 

New reports from security firms Attack Research, InGuardians and G-C Partners reveal that Chinese hackers are launching sophisticated ransomware attacks, during which they hijack machines and demand payment to decrypt them. 

Reuters reports, "Hackers using tactics and tools previously associated with Chinese government-supported computer network intrusions have joined the booming cyber crime industry of ransomware, four security firms that investigated attacks on U.S. companies said."

Known victims have included a transportation company and a technology firm that had 30 percent of its machines captured. 

"The security companies investigating the advanced ransomware intrusions have various theories about what is behind them, but they do not have proof and they have not come to any firm conclusions. Most of the theories flow from the possibility that the Chinese government has reduced its support for economic espionage, which it pledged to oppose in an agreement with the United States late last year. Some U.S. companies have reported a decline in Chinese hacking since the agreement. Smith said some government hackers or contractors could be out of work or with reduced work and looking to supplement their income via ransomware," continues Reuters.

BBC and Network World also covered the news. 

Amex Account May Have Been Exposed From Third-Party Breach

SC Magazine reports that an authorized person or group accessed the system of a third-party service provider; resulting in American Express warning customers that account and card information may have been compromised. 

"In a notice to customers filed with the Office of the Attorney General in California, Stefanie Ash, chief privacy officer (CPO), U.S. American Express Company, said that account numbers, names, expiration dates and other information could have been exposed. Amex said it was 'vigilantly monitoring' accounts for fraudulent activity and asked customers to do the same. The notice said that customers could receive more than one letter about the incident if more than one account was affected."

Eric manages global public relations at Veracode. In this role, he manages all facets of the company’s PR efforts. He brings more than 13 years’ experience in the industry. Prior to Veracode, Eric ran public relations activities for CyberArk across the US, EMEA and APJ.

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.