Banking software codes used by national central banks of different countries have been published in open repositories. The leaked code was developed by CMA, a company specializing in software for banks and stock exchanges, according to Bank Security’s Twitter channel dedicated to security threats in banking.
The dump mainly contains the code of the depository solution DEPO / X from CMA, which, according to the description on the official website of the company, has “rich functionality to eliminate financial and operational risks and improve the efficiency of the capital markets infrastructure.” The solution is used by over 20 organizations worldwide, including central banks, central / national depositories and stock exchanges.
According to the Bank Security Twitter channel, more than $ 100 billion passes through the CMA software every day. Where the codes were published and how the leak occurred was not specified.
Recall that about a month ago, the code of the popular Cobalt Strike penetration testing toolkit was leaked to the Web. A repository has been created on the GitHub platform containing the source code for Cobalt Strike 4.0. Based on the src / main / resources / about.html file, the source code was released on December 5, 2019.
Подробнее: https://www.securitylab.ru/news/514453.php