Československá obchodní banka (CSOB) Details
Československá obchodní banka (CSOB)
Prague • 8698 employees • Financial Services
https://www.csob.cz/
Czech Republic
Industry
Financial Services
Security Incidents
1
Československá obchodní banka (CSOB) is one of the leading financial institutions in the Czech Republic and Slovakia. Founded in 1964, the bank was initially established to facilitate foreign trade transactions for Czechoslovak enterprises. Following the Velvet Revolution and subsequent split of Czechoslovakia, CSOB adapted its operations to serve a broader range of financial services, including retail banking, corporate banking, insurance, and investment services.
Throughout its history, CSOB has achieved several notable milestones, including its successful privatization in 1999 when the Be...
Show more
Security Incidents
Československá obchodní banka (CSOB) Breach of Nov 2023
The phishing attempts were spread through automated voice calls, SMS messages, and social media ads. These messages d...
Show more
Show more
These phishing attacks did not take any systems or services offline, nor is there evidence of internal company data or intellect...
Show more
Severity Score
Low to Moderate
Type
Malware AttackSummary
In early November 2023, mobile users in the Czech Republic became the targets of a sophisticated phishing campaign that exploited Progressive Web Applications (PWAs) to steal banking credentials. The campaign focused on users of Československá obchodní banka (CSOB), Hungary's OTP Bank, and an unnamed Georgian bank. Attackers tricked users into installing PWAs that closely mimicked legitimate banking apps, bypassing traditional security warnings on both iOS and Android devices.The phishing attempts were spread through automated voice calls, SMS messages, and social media ads. These messages d...
Show more
Severity
The phishing campaign in early November 2023 that targeted mobile users in the Czech Republic exhibited a high level of sophistication by exploiting Progressive Web Applications (PWAs) to steal banking credentials from CSOB, OTP Bank, and an unnamed Georgian bank customers. The attackers used a multi-faceted approach, including voice calls, SMS, and social media ads, to trick users into installing malicious PWAs that bypassed traditional security warnings. The involvement of at least two distinct threat actors, the use of command-and-control infrastructure for exfiltration of credentials, and ...Show more
Impact
In a recent novel phishing campaign targeting mobile users predominantly in the Czech Republic, threat actors employed Progressive Web Applications (PWAs) to steal banking credentials by bypassing traditional security protections. The campaign affected users of Československá obchodní banka (CSOB), Hungarian OTP Bank, and a Georgian Bank. No significant data breach has been reported in terms of customer data exposure; instead, the attack focused on credential theft.These phishing attacks did not take any systems or services offline, nor is there evidence of internal company data or intellect...
Show more
KEEP YOUR ENVIRONMENT SECURE
Weak credentials are the leading cause of breaches. Beyond Identity can help.
See MFA exploits in action
Watch how adversaries exploit companies in quick videos