Cybercriminals Target Big Four Banks, Stealing Staff Logins and Data
Cybercriminals Targeting Australian Banking Credentials
Cybercriminals have compromised nearly 100 staff logins from the Big Four banks in Australia, according to cybersecurity researchers. These logins, stolen via "infostealer" malware designed to extract sensitive data from infected devices, pose a significant risk. The credentials were shared on cybercrime forums and messaging platforms like Telegram.
The cyber intelligence firm Hudson Rock reported that compromised credentials were found at ANZ and Commonwealth Bank, with fewer than five at NAB and Westpac. Leonid Rozenberg, an analyst at Hudson Rock, emphasized that these logins can provide hackers with "initial access" to the banks' corporate networks.
Cybercriminals have been using infostealer malware since at least 2021, capturing not only passwords but also credit card information and browser data. Infostealer infections have increased 200-fold globally since 2018, with over 58,000 devices affected in Australia alone.
For banks, the risk is substantial. If attackers gain access, they could deploy ransomware, steal customer data, or cause significant operational disruptions. The Australian Signals Directorate (ASD) has warned about the dire consequences of infostealer infections, indicating that stolen corporate credentials can lead to successful attacks on businesses.
Security Measures in Place
Despite the stolen logins, the Big Four banks claim to have robust security measures to mitigate the risk of unauthorized access. ANZ, CommBank, NAB, and Westpac have stated they utilize multi-factor authentication and regularly monitor cybercrime forums for compromised credentials. NAB’s Chief Security Officer Sandro Bucchianeri noted that the bank actively scans both open and dark web sources for potential threats.
However, experts note that gaining access to corporate environments remains a significant challenge for attackers, as many organizations implement additional controls beyond just usernames and passwords. Initial access brokers are known to exploit compromised credentials, selling that access to other criminal organizations.
Impact on Customers
The threat is not limited to bank employees. More than 31,000 banking passwords belonging to customers of the Big Four banks have been discovered online, with significant risks of fraud. Cybersecurity firm Dvuln reported that the majority of these passwords were stolen from personal devices infected by infostealer malware.
The stolen data indicates a growing trend of cybercriminals targeting individual users rather than directly breaching bank security systems. The ASD emphasizes the necessity for coordinated action among financial institutions, government, and cybersecurity professionals to combat this pervasive issue.
The Role of Infostealer Malware
Infostealer malware represents a significant threat not only to banks but to any organization. This type of malicious software is specifically designed to harvest sensitive information from infected devices. The data gathered can include passwords, credit card details, and other personal information.
Hudson Rock’s analysis revealed over 31 million infections globally, with Australia seeing a marked increase in these infections. The malware is often delivered through phishing attempts, infected software installations, or compromised websites.
New Threats: Bogus Login Pages
Recent developments have seen the emergence of sophisticated malware campaigns targeting Australians. Cybercriminals are using bogus login pages to trick users into providing their banking details. This malware, known as "Octo," can bypass multi-factor authentication and log user keystrokes, making it a potent tool for attackers.
Dario Durando from ThreatFabric revealed that this malware is available for purchase on the dark web, allowing criminals to rent it for their operations. The campaign has reportedly led to hundreds of downloads in Australia, demonstrating the increasing sophistication of cyber threats.
Strategies for Protection
To protect against these threats, it is critical for organizations to implement comprehensive cybersecurity measures. Regular updates of antivirus software, prompt password changes from secure devices, and heightened awareness of phishing attempts are essential.
Organizations should also explore advanced solutions like GrackerAI, which offers AI-powered cybersecurity marketing tools. GrackerAI enables companies to transform security news into strategic content opportunities, helping to identify emerging trends and monitor threats effectively.
For businesses in the cybersecurity sector, leveraging such tools can enhance their ability to communicate with stakeholders and position themselves as thought leaders in the industry. Explore how GrackerAI can support your cybersecurity marketing efforts at https://gracker.ai.