Cybercriminals plot massive banking Trojan attack
Gang plans to use sophisticated malware to initiate illegal wire transfers, RSA says
Computerworld - An international gang of cyber crooks is plotting a major campaign to steal money from the online accounts of thousands of consumers at 30 or more major U.S. banks, security firm RSA warned.
In an advisory Thursday, RSA said it has information suggesting the gang plans to unleash a little-known Trojan program to infiltrate computers belonging to U.S. banking customers and to use the hijacked machines to initiate fraudulent wire transfers from their accounts.
If successful, the effort could turn out to be one of the largest organized banking-Trojan operations to date, Mor Ahuvia, cybercrime communications specialist with RSA's FraudAction team, said today. The gang is now recruiting about 100 botmasters, each of whom would be responsible for carrying out Trojan attacks against U.S. banking customers in return for a share of the loot, she said.
Each botmaster will be backed by an "investor" who will provide money to buy the hardware and software needed for the attacks, Ahuvia said.
"This is the first time we are seeing a financially motivated cyber crime operation being orchestrated at this scale," Ahivia said. "We have seen DDoS attacks and hacking before. But we have never seen it being organized at this scale."
RSA's warning comes at a time when U.S. banks are already on high alert. Over the past two weeks, the online operations of several major banks, including JP Morgan Chase, Bank of America, Citigroup and Wells Fargo were disrupted by what appeared to be coordinated denial-of-service attacks.
A little-known group called "Cyber fighters of Izz ad-din Al qassam" claimed credit for the attacks, but some security experts think a nation may have been behind the campaign because of the scale and organized nature of the attacks.
In mid-September, the Financial Services Information Sharing and Analysis Center (FS-ISAC) warned banks to be on guard against cyberattackers seeking to steal employee network login credentials to conduct extensive wire transfer fraud. Specifically, the alert warned banks to watch out for hackers using spam, phishing emails, Remote Access Trojans and keystroke loggers to try and pry loose bank employee usernames and passwords.
FS-ISAC also noted that the FBI had seen a new trend where cyber criminals use stolen bank employee credentials to transfer hundreds of thousands of dollars from customer accounts to overseas locations.
Over the past few years, cyber crooks have siphoned off millions of dollars from small businesses, school districts and local governments by stealing online usernames and passwords and using those credentials to make the transfers.
The latest discussion suggests that they now have individual consumer accounts in their crosshairs, Ahuvia said, warning that the gang plans to attempt to infiltrate computers in the U.S. with a little known Trojan malware program called Gozi Prinimalka.
Crafty hackers hack craft stores -- again.
Michaels Stores (NYSE:MIK) has finally confirmed the details of the point-of-sale hack revealed in January. It's unclear what's taken them so long -- the company claims the hack was "highly sophisticated," but everyone uses a blah-blah phrase like that.
Your humble blogwatcher notes that the problem persisted for more than a month after the news first broke. smh.
In IT Blogwatch, bloggers are aghast that, for the second time, the company's POS was hacked -- lasting almost nine months.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- The Big Data Opportunity for HR and Finance
- If CEOs, CFOs, CIOs, and CHROs want to drive their businesses forward, they will need to quickly recognize the enormous value of big...
- Manufacturing Outlook: Improving time to market, operational effectiveness and innovation in a highly competitive environment
- An enterprise project portfolio management solution can help manufacturers position themselves in the new competitive landscape.
- Time-to-Market: The Need for Speed in the Automotive Industry
- Bringing new vehicles to market quickly has never been more challenging. To bring new models to market on-time and on budget, automakers need...
- Application Rationalization Scorecard: Analysis to Action
- This paper details a proven method, used most recently to evaluate a financial services application portfolio. At the method's core is the scorecard....
- Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
- This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
All Financial IT White Papers
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Mobile Security: Containerizing Enterprise Data In this on-demand webinar, Fixmo's Lee Cocking, VP of corporate strategy, explains why Apple-ization trends like mobility and "bring-your-own-device" (BYOD) are driving the...
- Endpoint Data Management: Protecting the Perimeter of the Internet of Things Not surprisingly, "Internet of Things" (IoT) and Big Data present new challenges AND opportunities for enterprise IT. Teams need to harness, secure and...
- All Financial IT Webcasts