BleepingComputer reports that threat actors have been increasingly leveraging Silicon Valley Bank in suspicious domains, phishing campaigns, and business email compromise attacks since the collapse of the U.S. commercial bank on March 10 in an effort to facilitate money and account data theft, as well as malware infections.
At least eight suspicious domains related to SVB that could be used in future attacks have been reported by security researcher Johannes Ulrich, who cautioned that former SVB clients could be targeted through lures, including support packages, loans, and other fraudulent services.
More domains associated with SVB have also been identified by Cyble, many of which emerged on the same day the bank collapsed.
Cryptocurrency scams are also being hosted on the discovered domains.
The Cyble report also noted that suspicious domains associated with peer-to-peer payments company Circle, which had $3.3 billion in cash reserves in SVB, have also been created following SVB's collapse and have been enabling wallet, digital asset, and personal data theft efforts. Phishing emails referencing SVB events have also been sent to Circle users, according to Proofpoint.