Software Vulnerability Results in Mexican Bank Heist Scoring Millions
Attivo Networks Blogs

Third-party software vulnerability results in Mexican bank heist scoring millions

SC media logo

Mexican authorities are investigating suspect a bank hack that siphoned hundreds of millions of pesos out of at least five banks.

A vulnerability in software developed by a third party and used to connect payment systems is suspected to have been compromised allowing the money to be illegally siphoned from “fake accounts”, Banxico, Mexico’s central bank, Head of Operations Lorenza Martinez told Reuters.

Threat actors sent hundreds of false orders to the money around in amounts ranging from tens of thousands to hundreds of thousands of pesos from various banks to accounts that were then emptied in cash withdrawals from dozens of branch offices.

One source told publication the thieves made off with more than 300 million persons or $15.4 million while others have reported as much as 400 million pesos may have been stolen.

Authorities are still investigating whether or not the attackers have help from inside the bank.

Read more>>>

Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free

FAST AND EASY

Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

Newsletter Signup

    Yes, please opt me in to receive your quarterly newsletter, event invitations, and product updates.

    I understand that I can opt out at any time, and can refer to Attivo Networks Privacy Policy for more information.
  • This field is for validation purposes and should be left unchanged.

ADSecure 90-Day Free Trial

GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY

  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise

RSS

Leave a Comment

Your email address will not be published. Required fields are marked *

seventeen − 10 =

Ready to find out what’s lurking in your network?

Scroll to Top