{"id":3800,"date":"2018-06-20T20:30:00","date_gmt":"2018-06-20T20:30:00","guid":{"rendered":"https:\/\/www.darkreading.com\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/d\/d-id\/1332109"},"modified":"2018-06-20T20:30:00","modified_gmt":"2018-06-20T20:30:00","slug":"hidden-tunnels-help-hackers-launch-financial-services-attacks","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/","title":{"rendered":"&#8216;Hidden Tunnels&#8217; Help Hackers Launch Financial Services Attacks"},"content":{"rendered":"<header>\n<\/header>\n<p><span class=\"strong black\">Hackers are using the infrastructure, meant to transmit data between applications, for command and control.<\/span> <\/p>\n<p class=\"\">The security tools and strategies financial\u00a0services organizations use to protect their data could be leveraged by cybercriminals who sneak in undetected via &#8220;hidden tunnels&#8221; to conceal their theft,\u00a0according to a new report published by Vectra.<\/p>\n<p>Ironically, financial firms have the biggest non-government security budgets in the world, Vectra says. Bank of America invests more than $600 million in cybersecurity each year, while JPMorgan Chase spends $500 million. Equifax, while smaller than both, spends an annual $85 million on security.<\/p>\n<p>Yet, in Equifax&#8217;s case \u2013 despite budget, staff, and a security operations center\u00a0\u2013 in 2017 it took 78 days for it to detect a massive breach of its network, in which attackers accessed 145.5 million Social Security numbers, 17.6 million driver&#8217;s license numbers, 20.3 million phone numbers, and 1.8 million email addresses.<\/p>\n<p>The question of how attackers were able to exfiltrate so much data, and whether the same thing could happen at another financial firm, prompted Vectra researchers to take a closer look at exactly what happened.<\/p>\n<p><strong>A Review of the Equifacts<br \/><\/strong>Equifax&#8217;s breach started when a Web server was exploited to access the corporate network. The attackers avoided using tools that would alert the company&#8217;s security team, instead building command-and-control (C&amp;C) tunnels into Equifax. They installed more than 30 Web shells with different addresses to burrow into Equifax and, once inside the network, customized their hacking tools to exploit Equifax software, evade firewalls, and exfiltrate information.<\/p>\n<p>For six months following the Equifax breach, Vectra researchers combed metadata from 246 opt-in customers and more than 4.5 million devices to learn more about attacker behaviors and network trends. They found the same activity that led to the Equifax breach is prevalent throughout the financial services industry.<\/p>\n<p>What stood out most is the use of hidden tunnels in HTTP, HTTPS, and DNS traffic, which threat actors use to get into networks protected with strong access controls. These tunnels have been used for about three to four years, says Chris Morales, head of security analytics at Vectra, where researchers had been looking into this tactic long before Equifax was hit.<\/p>\n<p>&#8220;Attackers don&#8217;t use hidden tunnels unless they have to,&#8221; he explains. When enterprise security defenses are strong, threat actors have to seek new ways to break through them.<\/p>\n<p><strong>Tunneling Into Financial Services<br \/><\/strong>Financial firms have stronger security than most, securing Web applications with layers upon layers of access controls. Because apps are locked down, data has to be sent through &#8220;hidden tunnels&#8221; to move across an organization. There are legitimate use cases for this: Specific stock-tickers commercial apps and internal financial services use tunnels to communicate.<\/p>\n<p>The high volume of traffic flowing to and from enterprise Web applications creates an ideal place for attackers to hide,\u00a0Morales says. Hidden tunnels are tough to detect because communications are hidden within connections that use normal, permitted protocols. Messages can be embedded as text in headers, cookies, and other fields, <a href=\"https:\/\/vectra.ai\/press\/report-cyberattackers-use-hidden-tunnels-to-spy-on-and-steal-from-financial-services-firms\" target=\"_blank\">researchers say<\/a>.<\/p>\n<p>Morales breaks down how an attack might work: A threat actor might start with an entry point as simple as a phishing campaign. With a foothold in the organization, the attactor can use reconnaissance techniques to learn the network \u2013 the number of devices and how he can make his footprint more durable and infect more machines.<\/p>\n<p>&#8220;As he does all those things, he&#8217;ll need to find ways to look like normal traffic,&#8221; Morales explains. &#8220;Maybe he&#8217;ll find a network scanning machine and perform recon from there because it&#8217;ll look more normal.&#8221; Once a tunnel is established, the hacker passes data in small chunks so it isn&#8217;t picked up by anomaly detection systems.<\/p>\n<p>Attackers could leverage tools purchased on the Dark Web to exfiltrate data and bypass access controls. &#8220;The tools are out there, and attackers have a great ecosystem for sharing them,&#8221; says Mike Banic, vice president of marketing at Vectra. &#8220;In some cases, their ecosystem could be better than the defenders.&#8221;<\/p>\n<p>Compared with the industry average, there are fewer C&amp;C behaviors in financial services, and HTTP C&amp;C communications are lower overall, the report states. However, there are significantly more tunnels per 10,000 devices in financial services than all other industries combined.<\/p>\n<p><strong>Related Content:<\/strong><\/p>\n<p>\u00a0<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/InSecurityvplug-368592_DR18_DR-VE-Logo-Signature.png\" alt=\"\" width=\"380\" height=\"49\"\/><\/p>\n<p><strong>Top industry experts will offer a range of information and insight on who the bad guys are \u2013 and why they might be targeting your enterprise.\u00a0<\/strong><strong>Click for\u00a0<a href=\"https:\/\/event.darkreading.com\/3453?keycode=sbx&amp;cid=smartbox_techweb_upcoming_webinars_8.500000825\" target=\"_blank\">more information<\/a><\/strong><\/p>\n<p><span class=\"italic\">Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance &amp; Technology, where she covered financial &#8230; <a href=\"https:\/\/www.darkreading.com\/author-bio.asp?author_id=837\">View Full Bio<\/a><\/span> <\/p>\n<p><span class=\"smaller strong red allcaps\">More Insights<\/span><\/p>\n<p> Read More <a href=\"https:\/\/www.darkreading.com\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/d\/d-id\/1332109?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hackers are using the infrastructure, meant to transmit data between applications, for command and control. Read More <a href=\"https:\/\/www.darkreading.com\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/d\/d-id\/1332109?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-3800","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>&#039;Hidden Tunnels&#039; Help Hackers Launch Financial Services Attacks 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"&#039;Hidden Tunnels&#039; Help Hackers Launch Financial Services Attacks 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-06-20T20:30:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/InSecurityvplug-368592_DR18_DR-VE-Logo-Signature.png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hidden-tunnels-help-hackers-launch-financial-services-attacks\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hidden-tunnels-help-hackers-launch-financial-services-attacks\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"&#8216;Hidden Tunnels&#8217; Help Hackers Launch Financial Services Attacks\",\"datePublished\":\"2018-06-20T20:30:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hidden-tunnels-help-hackers-launch-financial-services-attacks\\\/\"},\"wordCount\":792,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hidden-tunnels-help-hackers-launch-financial-services-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/InSecurityvplug-368592_DR18_DR-VE-Logo-Signature.png\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hidden-tunnels-help-hackers-launch-financial-services-attacks\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hidden-tunnels-help-hackers-launch-financial-services-attacks\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hidden-tunnels-help-hackers-launch-financial-services-attacks\\\/\",\"name\":\"'Hidden Tunnels' Help Hackers Launch Financial Services Attacks 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hidden-tunnels-help-hackers-launch-financial-services-attacks\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hidden-tunnels-help-hackers-launch-financial-services-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/InSecurityvplug-368592_DR18_DR-VE-Logo-Signature.png\",\"datePublished\":\"2018-06-20T20:30:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hidden-tunnels-help-hackers-launch-financial-services-attacks\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hidden-tunnels-help-hackers-launch-financial-services-attacks\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hidden-tunnels-help-hackers-launch-financial-services-attacks\\\/#primaryimage\",\"url\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/InSecurityvplug-368592_DR18_DR-VE-Logo-Signature.png\",\"contentUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/InSecurityvplug-368592_DR18_DR-VE-Logo-Signature.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hidden-tunnels-help-hackers-launch-financial-services-attacks\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"&#8216;Hidden Tunnels&#8217; Help Hackers Launch Financial Services Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"'Hidden Tunnels' Help Hackers Launch Financial Services Attacks 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/","og_locale":"en_US","og_type":"article","og_title":"'Hidden Tunnels' Help Hackers Launch Financial Services Attacks 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-06-20T20:30:00+00:00","og_image":[{"url":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/InSecurityvplug-368592_DR18_DR-VE-Logo-Signature.png","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"&#8216;Hidden Tunnels&#8217; Help Hackers Launch Financial Services Attacks","datePublished":"2018-06-20T20:30:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/"},"wordCount":792,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/InSecurityvplug-368592_DR18_DR-VE-Logo-Signature.png","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/","url":"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/","name":"'Hidden Tunnels' Help Hackers Launch Financial Services Attacks 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/InSecurityvplug-368592_DR18_DR-VE-Logo-Signature.png","datePublished":"2018-06-20T20:30:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/#primaryimage","url":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/InSecurityvplug-368592_DR18_DR-VE-Logo-Signature.png","contentUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/InSecurityvplug-368592_DR18_DR-VE-Logo-Signature.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/hidden-tunnels-help-hackers-launch-financial-services-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"&#8216;Hidden Tunnels&#8217; Help Hackers Launch Financial Services Attacks"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/3800","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=3800"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/3800\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=3800"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=3800"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=3800"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}