Project Blitzkrieg e-banking heist is a credible threat, McAfee says
Similar to other banking Trojan programs like Zeus or SpyEye, Gozi Prinimalka can detect when victims access banking websites and steal log-in credentials and other data associated with their accounts. That may include challenge-question answers for outgoing transactions, account balances and time-stamps for their last log-in. The malware targets a list of websites belonging to U.S. national banks, investment banks and credit unions.
After accounts with high balances have been identified, the attackers use the stolen credentials to initiate money transfers to accounts set up by co-conspirators known as money mules, who then withdraw the funds and wire them out of the country.
To prepare for Project Blitzkrieg, financial institutions can tweak their fraud detection systems to look for anomalous behavior such as log-ins coming from foreign locations, log-ins coming from the customer's IP (Internet Protocol) address at unusual hours or transactions from multiple unrelated accounts going to accounts owned by the same person, he said.
VorVzakone mentioned that he's going to be doing "Skype flooding," so financial institutions should be aware that their customer service lines might be flooded and they should take any action that they can to address that, Sherstobitoff said. They should also advise their customers to update their antivirus software and report any suspicious messages or pop-ups that are not typical of online banking.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Cybercrime and Hacking White Papers | Webcasts