Fraud Ring In Hacking Attack On 60 Banks Some 60m euro is stolen from bank accounts in a massive cyber raid, after fraudsters
raid dozens of banks around the world.
Sixty million euro has been stolen from bank accounts in a massive cyber bank raid after fraudsters
raided dozens of financial institutions around the world. According
to a joint report by software security firm McAfee and Guardian Analytics, more than 60 firms have suffered from what it has
called an "insider level of understanding".
fraudsters' objective in these attacks is to siphon large amounts from high balance accounts, hence the name chosen for this
research - Operation High Roller," the report said. "If
all of the attempted fraud campaigns were as successful as the Netherlands example we describe in this report, the total attempted
fraud could be as high as 2bn euro (£1.6bn)."
automated malicious software programme was discovered to use servers to process thousands of attempted thefts from both commercial
firms and private individuals. The stolen
money was then sent to so-called mule accounts in caches of a few hundreds and 100,000 euro (£80,000) at a time. Credit unions, large multinational banks and regional banks
have all been attacked..."What they
have done differently from routine attacks is that they have got into the bank servers and constructed software that is automated.
can get around some of the mechanisms that alert the banking system to abnormal activity."..."They have identified 60 different servers, many of them in Russia, and
they have identified one alone that has been used to steal 60m euro,"..."There are dozens of servers still grinding away at this fraud – in effect stealing money."
Automated bank scam 'Operation High Roller' stole from the rich
have uncovered a sophisticated, multi-tiered financial fraud ring that may have defrauded businesses, wealthy individuals
and banks of tens of millions of dollars.
Roller bypasses multi-factor authentication technology employed by banks to attempt fraudulent transactions of &euro,60
million ($80m) worldwide since the scam began operating at the start of the year, according to security researchers from McAfee
and Guardian Analytics that uncovered the fraud.
Analysts from the two firms
reckon the fraudsters targeted at least 60 banks and financial institutions of varying sizes. The figures of attempted financial
fraud are based on the analysis of only a few European-based servers linked to the scam and the true figure of attempted fraudulent
transactions is likely to be much higher that the $80m base estimate cited by McAfee.
using Zeus and SpyEye malware to compromise online bank accounts, tied in with local money-mules to compromised accounts,
is all too commonplace.
FBI locks up 24 people in global undercover card hacking operation
The FBI has arrested 24 people involved in a card
hacking operation spanning across 13 countries with over 400,000 potential victims...13 countries were involved in the two year undercover
operation led by the FBI. 11 people were arrested in the United States and the other 13 were arrested by foreign law enforcement
abroad including the United Kingdom, Bosnia, Bulagria, Norway and Germany...
The FBI issued
over 30 search warrants leading up to the arrests and say that an estimated loss of more than $205m has been prevented...
"As the cyber threat grows more international, the response
must be increasingly global and forceful," says Manhattan U.S. attorney Preet Bharara. "The coordinated law enforcement actions
taken by an unprecedented number of countries around the world today demonstrate that hackers and fraudsters cannot count
on being able to prowl the Internet in anonymity and with impunity, even across national boundaries. Clever computer criminals
operating behind the supposed veil of the Internet are still subject to the long arm of the law."...
Cybercriminals Build Massive Banking Fraud System in the Cloud
Cybercriminals have built a cloud-based fraud system
that targeted wealthy people and commercial accounts in bilking primarily European banks of possibly billions of dollars,
security vendors say.
The international ring targeted accounts with an
average of $300,000 to $600,000, and attempted to transfer as much as $130,000 to bogus business accounts...The ring targeted
banks in Europe and then expanded to Latin America and more recently the United States...
What is unique about the fraud was the amount of
automation used, a feat made possible through the use of cloud computing, Marcus said. The combination of remote servers and
an intimate knowledge of banking transaction systems made it possible to automate the theft, rather than simply stealing user
names and passwords and having someone manually transfer money from a computer.