Hackers Exploiting Silicon Valley Bank (SVB) Collapse to Launch Cyber-Attacks

The failure of Silicon Valley Bank (SVB) on March 10, 2023, as a result of a bank run on its deposits, is expected to have a significant impact on this society because SVB had previously been the preferred banking partner for many businesses globally.

This failure was the second-biggest in American history and the greatest bank failure since the financial crisis of 2007–2008.

“The collapse of SVB has been severe, with many startups now facing financial instability and even potential layoffs”, reports Cyble Research & Intelligence Labs (CRIL).

These impacted businesses, therefore, look for alternate finance sources to maintain their functioning. They have become a top target for Threat Actors (TAs), who are exploiting the current circumstance by carrying out different malicious acts, due to their need for financial stability.

These operations seek to deceive targets by stealing money, account information, or malware.

Hackers Taking Advantage of the SVB Collapse

In the wake of the SVB collapse, multiple suspicious websites have surfaced (listed below), according to Cyble Research & Intelligence Labs (CRIL). 

These websites appear to have been created by TAs who wish to take advantage of the current circumstance for their own gain.

According to the report by security researcher Johannes Ulrich, threat actors are grabbing the chance and registering suspicious domains with ties to SVB that will almost certainly be utilized in attacks.

He added that scammers would try to contact former SVB customers and offer them a support package, legal services, loans, or other fake services related to the bank’s failure.

Notably, an attack by BEC threat actors, who pose as SVB customers and request money be transmitted to a new bank account following the bank’s collapse, has already been observed in the wild.

“March 13 2023 – Silicon Valley Bank is actively distributing USDC as part of the SVB USDC payback program to eligible USDC holders. USDC payouts can only be claimed once per wallet,” claims the cryptocurrency scam.

Yet when you click the “Click here to claim” button on the website, a QR code that tries to hack the Metamask, Exodus, and the Trust Wallet crypto wallets when scanned.

Similarly, on March 13, 2023, Circle, the company responsible for issuing USD coins, declared that SVB possessed $3.3 billion in USDC and that it would resume business.

However, according to Circle, USDC would continue to be redeemable for US dollars one for one with the U.S. Dollar. Soon after this release, CRIL discovered a number of phishing websites posing as Circle and offering a 1 USDC for 1 USD exchange rate. 

List of phishing sites that follow the same cryptocurrency scam pattern:

• hxxps://redeemed-circle[.]com
• hxxps://circle-reserves[.]com
• hxxps://circleusdcoin[.]com
• hxxps://circle-mintusdc[.]com
• hxxps://svb-circle[.]com
• hxxps://circle.web3claimer[.]net
• hxxps://usd-circle[.]com

In a different instance, the threat actors operating “cash4svb.com” try to phish trade creditors’ or lenders’ contact information by offering them a return of 65% to 85%.

Final Thoughts

Users may fall for these scams because of panic, a false sense of urgency, and a lack of attention. TAs frequently leverages ongoing circumstances and events to initiate mass infection campaigns.

Several companies and individuals who used SVB’s services have been impacted by this incident, including those in the technology, life science, healthcare, private equity, venture capital, and premium wine sectors.

In order to protect their sensitive data from potential cyber threats, affected enterprises must be vigilant and take immediate action.

Network Security Checklist – Download Free E-Book

Related Read: