Forgot your password?
typodupeerror
Security Crime

Banking Fraud Campaign Steals 500k Euros In a Week 35

Posted by Unknown Lamer
from the red-stapler dept.
An anonymous reader writes The experts at Kaspersky Lab have discovered evidence of a targeted attack against the clients of a large European bank. According to the logs found in the server used by the attackers, apparently in the space of just one week cybercriminals stole more than half a million euros from accounts in the bank. The experts also detected transaction logs on the server, containing information about which sums of money were taken from which accounts. All in all, more than 190 victims could be identified, most of them located in Italy and Turkey. The sums stolen from each bank account, according to the logs, ranged between 1,700 to 39,000 euros.
This discussion has been archived. No new comments can be posted.

Banking Fraud Campaign Steals 500k Euros In a Week

Comments Filter:
  • Really? (Score:2, Insightful)

    by Anonymous Coward

    Banking fraud here in America steals entire QE packages.

    http://inthesetimes.com/news/entry/14886/the_excel_spreadsheet_error_that_justified_global_austerity

  • Targeted Attack? (Score:5, Insightful)

    by Joe Gillian (3683399) on Wednesday June 25, 2014 @09:04AM (#47314191)

    One thing I don't really understand, and the article doesn't mention, is how exactly they know this was a targeted attack. The way the article reads, it sounds like a bunch of people got infected with a Zeus variant and had their banking details stolen off their computers, and coincidentally, a bunch of them happened to use the same large European bank. I'm willing to bet that some of those victims probably didn't use the bank in question, and that there are financial losses ranging outside of that one bank.

    That said, this isn't a very good article, because it doesn't mention how they think the malware got onto these people's computers or even which bank was supposedly "targeted".

    • Its also not clear how the attackers set up these target accounts without being flagged somehow. The use of those accounts might be the reason it was confined to one institution, and it seems that would be the most embarrassing element to the bank.
  • On the C&C server we detected there was no information as to which specific malware program was used in this campaign. However, many existing Zeus variations (Citadel, SpyEye, IceIX, etc.) – have that necessary capability. We believe the malware used in this campaign could be a Zeus flavor using sophisticated web injects on the victimsref [net-security.org]
    • The C&C server probably runs Linux. The stolen victims problably runs Windows.
  • I'm no experienced cybercriminal,

    but how long would you want to hang around the scene of the crime?

    It seems like most folks, who happen across a revenue stream from which a pinstriped suit is one possible future, would be best served by a quick-in/quick-out strategy.

  • by JTsyo (1338447) on Wednesday June 25, 2014 @10:29AM (#47314767) Journal
    Since this is all done electronically, what do the thieves do to prevent the banks from tracking where the money went? Why would banks allow transfers to institutions that don't allow the money to be tracked and returned?
    • by volmtech (769154)
      There must be a good reason. If all it takes is account information any bank employee could make himself rich first week on the job. My take on it is banks move a lot of "questionable " money around so explicit details of every transaction are purposely not recorded.
    • by Carewolf (581105)

      They don't. They need to buy something with the money or withdray them. The transfers can easily be undone and the money will return to where they were taken from unless they are fully out of the electronic system.

      • by mjwx (966435)

        They don't. They need to buy something with the money or withdray them. The transfers can easily be undone and the money will return to where they were taken from unless they are fully out of the electronic system.

        Not really,

        You launder electronic money in the same way you launder physical money. Through a semi-legit shell company. You dont need to take it out of the electronic system, you just need to take it out of the banks direct control. You cant actually do a chargeback when you dont know where the money went after step 2 because the shell company shut down and the "directors" are nowhere to be seen.

        When you do a chargeback after being defrauded, banks eat the cost because they want to keep you addicted t

When you don't know what to do, walk fast and look worried.

Working...