The latest in cybercrime? Fully automated bank heists
Cybercriminals have been stealing passwords to siphon off bank accounts for years, but cybercops were gaining. Now an automated system could vastly expand online bank heists.
Cybercriminals are trying something new at the bank: fully automated online heists.
In a new twist on a familiar online banking cybercrime threat, computer criminals are rolling out a new system targeting businesses’ and high-net-worth individuals' bank accounts in the US and Europe, security analysts say. The new system siphons the accounts using new, highly automated crime-ware that requires no human intervention.
Since January, when the process was discovered, a dozen cybergangs using this new robo-bank-heist rip-off technique have attempted at least $78 million in fraudulent wire transfers from accounts at 60 or more financial institutions worldwide, according to a new report by McAfee Labs, the Santa Clara, Calif., cybersecurity firm, and Guardian Analytics, a Los Altos, Calif.-based firm. Total attempted fraud could be as high as $2.5 billion.
But that's just the start. The wave of automated attacks has been rolled out in the US over the past 60 days, reports McAfee, which dubbed it the “High Roller” scheme. Credit unions, big banks, and even regional banks were targeted in the European Union, Latin America, and now in the United States, the company found.
“With no human participation required, each attack moves quickly and scales neatly,” the report says. “This operation combines an insider level of understanding of banking transaction systems with both custom and off the shelf malicious code and appears to be worthy of the term ‘organized crime.’ ”
After striking in Italy and Germany, cybercriminals focused on the Netherlands, where computer logs showed criminals had attempted to withdraw $44 million from more than 5,000 accounts, primarily of businesses, in two banks. It’s not clear how much was actually stolen.
In March, researchers discovered that a San Jose-based server linked ultimately to a Russian Internet service provider was being used for fraudulent transactions in the Netherlands – and also to target at least 109 financial institutions in the US.
Computerized bank heists aren’t new, of course. Crime-ware programs like Zeus and SpyEye that infiltrate personal computers to steal personal banking credentials, including passwords and login information from unsuspecting users, have been a problem for years. Recording users’ keystrokes when they log remotely onto their accounts, the crime-ware transmits the stolen personal banking data back to the cyberthieves.
Under that familiar scenario, a bad guy plops down at his own computer terminal to use the stolen passwords to fraudulently log onto the target account. He then transfers funds to the accounts of “money mules,” who pass the stolen funds along to the criminals, less their fee.