Cyber threats impacting the financial sector in 2024 – focus on the main actors

This report synthesizes 2024–early 2025 intelligence on threats to the financial sector, describing how Initial Access Brokers, ransomware/RaaS groups, banking trojans, and Phishing‑as‑a‑Service AiTM kits enable large-scale, multi-stage intrusions, and how state‑sponsored APTs (notably North Korean, Iranian, and Chinese‑nexus groups) conduct lucrative and espionage campaigns—including zero‑day and supply‑chain exploits and major cryptocurrency thefts—while often collaborating with cybercriminal operators.