Now you don’t need a mask or a shooter to rob the bank – praying to Zeus is enough. Indeed, the days of robbers in masks walking into a bank with a sawn off shotgun have passed, and the press says today that a new wave of automated hacking of Internet bank accounts has stolen $78,000,000 in 2011 from people in Europe, Latin America and the US.
Security experts from Guardian Analytics and McAfee claim that modern robbers don’t choose a shooter these days, but rather one of two families of modern malicious software – Zeus and SpyEye. Earlier editions of the software automate the transfer of cash to money mule accounts which are controlled by mates.
Guardian Analytics’ vice-president, whose company specializes in protecting banks, claimed that it looks like the beginning of a new robbery method. It seems that the software in question is sophisticated enough to defeat “chip and PIN” and other two-factor authentication, while not transferring the entire contents of an account at once, because it can trigger an alarm. Automated versions have been detected in European countries, including the United Kingdom, Germany and Italy.
In the meantime, McAfee explains that this method was used by a dozen gangs against numerous consumers and business clients of various financial institutions in Europe, as well as in Colombia, the United States and the Netherlands. Research director at McAfee Labs confirmed that people adapting the malware had insider knowledge as to what the banks were looking for.
Both SpyEye and Zeus viruses are installed on the PCs which visit malicious portals or legitimate pages compromised by hackers. They can also be installed via tainted links in emails.
The editions of the software even manage to capture one-time passwords, like those that you receive from the banks in the form of text message. The bank robbers could use it every time, but they have to be online at the time. One more factor preventing the bank robbers from cleaning up completely is that the robbers still need legitimate accounts to funnel the money as well. The matter is that money mules are very hard to come by especially as they are more likely to be caught.
Security experts from Guardian Analytics and McAfee claim that modern robbers don’t choose a shooter these days, but rather one of two families of modern malicious software – Zeus and SpyEye. Earlier editions of the software automate the transfer of cash to money mule accounts which are controlled by mates.
Guardian Analytics’ vice-president, whose company specializes in protecting banks, claimed that it looks like the beginning of a new robbery method. It seems that the software in question is sophisticated enough to defeat “chip and PIN” and other two-factor authentication, while not transferring the entire contents of an account at once, because it can trigger an alarm. Automated versions have been detected in European countries, including the United Kingdom, Germany and Italy.
In the meantime, McAfee explains that this method was used by a dozen gangs against numerous consumers and business clients of various financial institutions in Europe, as well as in Colombia, the United States and the Netherlands. Research director at McAfee Labs confirmed that people adapting the malware had insider knowledge as to what the banks were looking for.
Both SpyEye and Zeus viruses are installed on the PCs which visit malicious portals or legitimate pages compromised by hackers. They can also be installed via tainted links in emails.
The editions of the software even manage to capture one-time passwords, like those that you receive from the banks in the form of text message. The bank robbers could use it every time, but they have to be online at the time. One more factor preventing the bank robbers from cleaning up completely is that the robbers still need legitimate accounts to funnel the money as well. The matter is that money mules are very hard to come by especially as they are more likely to be caught.
No comments:
Post a Comment