In the banking industry, ransomware is a well-known threat, but since the beginning of 2022, cryptojacking, an emerging threat, has posed a considerable challenge to the industry. Ransomware has many variants, and attackers keep changing the nature of these variants. This review paper studies the complex background of these two threats and scrutinizes the actual challenges and problems that the banking industry and financial institutions face. These threats, though distinct in nature, share commonalities such as financial motivations and sophisticated techniques. We focus on examining the newly emerged variants of ransomware while providing a comprehensive overview of cryptojacking and its nature. The paper gives a detailed breakdown of the specific threats posed by cryptojacking and ransomware. It explores the techniques cybercriminals use, the variabilities they look for, and the potential consequences for financial institutions and their customers. It also examines how cybercriminals change their techniques in response to security upgrades, and why financial firms, including banks, need to be proactive about cyber threats. Additionally, this paper reviews the background study of some existing papers, identifies the research gaps that need to be addressed, and provides suggestions, including a conclusion and future scope, on those disputes. Lastly, we introduce a Digital Forensics and Incident Response (DFIR) approach for up-to-date cyber threat hunting processes to minimize both cryptojacking and ransomware attacks in the banking industry.