Automatic bank robbers making a killing

Stefan Mileschin · 27th June 2012, 07:46

The days of masked robbers walking into a bank with a sawn off shotgun have gone the way of the Highwayman.

According to Reuters, a new wave of automated hacking of online bank accounts has lifted $78 million in the past year from customers in Europe, Latin America and the United States.

Insecurity experts working for McAfee and Guardian Analytics said that the weapon of choice is no longer a shooter but one of two families of existing malicious software, Zeus and SpyEye.

Previous versions of the software automate the transfer of funds to money mule accounts controlled by mates.

Guardian's Vice President Craig Priess, whose firm specialises in protecting banks said that it is starting to look as if this is the beginning of a new robbery technique.

The software is sophisticated enough to defeat "chip and PIN" and other two-factor authentication. It also does not transferring the entire contents of an account at one time, which can trigger an alarm.

Automated versions have been used in Germany, the United Kingdom and Italy.

McAfee claims that the technology has been used by a dozen gangs against consumers and business clients of financial institutions in those countries and Colombia, the Netherlands, and the United States.

Dave Marcus, research director at Mcafee Labs said whoever was adapting the viruses had insider knowledge as to what the banks are looking for.

SpyEye and Zeus sare installed on computers that visit malicious websites or legitimate pages that have been compromised by hackers, as well as through tainted links in emails.

Some variants have even managed to captured one-time passwords, such as those sent from the banks by text messages. The only reason that they are not always used is because the bank robber has to be online at the time.

Another factor which prevents the bank robbers cleaning up completely is that they still need legitimate accounts to funnel the money too. Money mules are hard to come by particularly as they are more likely to be caught.

http://news.techeye.net/security/aut...king-a-killing

27th June 2012, 07:46	#1
Stefan Mileschin [M] Reviewer Join Date: May 2010 Location: Romania Posts: 148,462	Automatic bank robbers making a killing The days of masked robbers walking into a bank with a sawn off shotgun have gone the way of the Highwayman. According to Reuters, a new wave of automated hacking of online bank accounts has lifted $78 million in the past year from customers in Europe, Latin America and the United States. Insecurity experts working for McAfee and Guardian Analytics said that the weapon of choice is no longer a shooter but one of two families of existing malicious software, Zeus and SpyEye. Previous versions of the software automate the transfer of funds to money mule accounts controlled by mates. Guardian's Vice President Craig Priess, whose firm specialises in protecting banks said that it is starting to look as if this is the beginning of a new robbery technique. The software is sophisticated enough to defeat "chip and PIN" and other two-factor authentication. It also does not transferring the entire contents of an account at one time, which can trigger an alarm. Automated versions have been used in Germany, the United Kingdom and Italy. McAfee claims that the technology has been used by a dozen gangs against consumers and business clients of financial institutions in those countries and Colombia, the Netherlands, and the United States. Dave Marcus, research director at Mcafee Labs said whoever was adapting the viruses had insider knowledge as to what the banks are looking for. SpyEye and Zeus sare installed on computers that visit malicious websites or legitimate pages that have been compromised by hackers, as well as through tainted links in emails. Some variants have even managed to captured one-time passwords, such as those sent from the banks by text messages. The only reason that they are not always used is because the bank robber has to be online at the time. Another factor which prevents the bank robbers cleaning up completely is that they still need legitimate accounts to funnel the money too. Money mules are hard to come by particularly as they are more likely to be caught. http://news.techeye.net/security/aut...king-a-killing

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Konami Sued By Bank For Fraud Over $15M Loan	Stefan Mileschin	WebNews	0	25th May 2012 07:37
HP ZR2740w - High Resolution IPS that Doesn't Break the Bank	Stefan Mileschin	WebNews	0	16th March 2012 07:11
Man Steals NY Federal Reserve Bank Source Code	Stefan Mileschin	WebNews	0	20th January 2012 08:43
Thwart robbers with an old smoke alarm	jmke	WebNews	0	1st March 2010 15:09
Chrome is a security nightmare, indexes your bank accounts	jmke	WebNews	0	4th September 2008 14:27
Man Robs Bank Disguised As Tree	jmke	WebNews	3	9th July 2007 14:08
Zephyrus Automatic System Controller	Sidney	WebNews	0	7th November 2004 18:16
LaCie Data Bank: Portable External Hard Disk	jmke	WebNews	0	13th September 2004 14:58
Online Thieves Empty Bank Accounts	Sidney	WebNews	0	17th June 2004 03:36