According to a VNA correspondent in Sydney, Australian cybersecurity researchers said cybercriminals have stolen nearly 100 employee login credentials at Australia's largest banks, putting these banks at higher risk of mass data theft and ransomware attacks.
The most serious risk, they warn, is that attackers could eventually use those leaked credentials to gain access to banks' corporate networks.
Cyber intelligence firm Hudson Rock said it found dozens of compromised employee credentials at both ANZ and Commonwealth Bank, and nearly five at National Australia Bank (NAB) and Westpac.
In a worst-case scenario, those employee credentials could allow hackers to gain so-called “initial access” and break into banks’ systems, Hudson Rock analyst Leonid Rozenberg said. It’s like an “open door.”
Once hackers are inside, they can do more damage, including installing ransomware and stealing large amounts of customer data, Rozenberg warned.
Nearly 100 credentials identified by Hudson Rock belonged to current or former employees and contractors.
Researchers said all had corporate email addresses that likely logged into the same corporate domain, such as “anz.com.au” or “cba.com.au.”
The credentials were stolen between 2021 and April 2025 by malware known as “credential stealers” that was installed on employees’ devices, and they have since been given away or sold on the Telegram messaging platform, the dark web, or both.
In addition to passwords, information-stealing software can collect a variety of data, including credit card details, cryptocurrency wallets, and local files, as well as browser data like cookies, user history, and autofill details.
Researchers found no evidence that the digital infrastructure of any of the major banks was compromised, only that data, including corporate credentials, was stolen from devices used by their employees.
A recent report from the Australian Signals Directorate (ASD) has warned that identity theft malware infections can have serious consequences for businesses.
According to ASD, stolen corporate credentials led to successful attacks on Australian businesses.
In the case of all four banks, Hudson Rock also found stolen login credentials belonging to third-party businesses, creating an additional layer of risk.
Criminals are not only targeting access to banks, but also the services the banks are using outside, said Mr. Rozenberg.
In the case of Commonwealth Bank, Hudson Rock reported more than 40 leaked third-party credentials, while researchers found more than 30 for Westpac Bank, more than 100 for ANZ Bank, and more than 70 for NAB Bank.
All four banks now have a number of safeguards in place to prevent unauthorized use of employee login credentials, closely monitor cybercrime forums to stay informed and learn about potential threats, regularly require employees and third parties to change their login credentials, and continuously test security systems.
Source: https://www.vietnamplus.vn/tin-tac-danh-cap-gan-100-tai-khoan-tai-cac-ngan-hang-lon-cua-australia-post1036094.vnp