Cybercriminals Plot Massive Banking Trojan Attack
Cybercriminals Plot Massive Banking Trojan Attack Computerworld – An international gang of cyber crooks is plotting a major campaign to steal money from the online accounts of thousands of consumers at 30 or more major U.S. banks, security firm RSA warned. In an advisory Thursday, RSA said it has information suggesting the gang plans to unleash a little-known Trojan program to infiltrate computers belonging to U.S. banking customers and to use the hijacked machines to initiate fraudulent wire transfers from their accounts. If successful, the effort could turn out to be one of the largest organized banking-Trojan operations to date, Mor Ahuvia, cybercrime communications specialist with RSA’s FraudAction team, said today. The gang is now recruiting about 100 botmasters, each of whom would be responsible for carrying out Trojan attacks against U.S. banking customers in return for a share of the loot, she said. Each botmaster will be backed by an “investor” who will provide money to buy the hardware and software needed for the attacks, Ahuvia said. “This is the first time we are seeing a financially motivated cyber crime operation being orchestrated at this scale,” Ahivia said. “We have seen DDoS attacks and hacking before. But we have never seen it being organized at this scale.” RSA’s warning comes at a time when U.S. banks are already on high alert. Over the past two weeks, the online operations of several major banks, including JP Morgan Chase, Bank of America, Citigroup and Wells Fargo were disrupted by what appeared to be coordinated denial-of-service attacks.
A little-known group called “Cyber fighters of Izz ad-din Al qassam” claimed credit for the attacks, but some security experts think a nation may have been behind the campaign because of the scale and organized nature of the attacks. In mid-September, the Financial Services Information Sharing and Analysis Center (FS-ISAC) warned banks to be on guard against cyberattackers seeking to steal employee network login credentials to conduct extensive wire transfer fraud. Specifically, the alert warned banks to watch out for hackers using spam, phishing emails, Remote Access Trojans and keystroke loggers to try and pry loose bank employee usernames and passwords. FS-ISAC also noted that the FBI had seen a new trend where cyber criminals use stolen bank employee credentials to transfer hundreds of thousands of dollars from customer accounts to overseas locations. Over the past few years, cyber crooks have siphoned off millions of dollars from small businesses, school districts and local governments by stealing online usernames and passwords and using those credentials to make the transfers. The latest discussion suggests that they now have individual consumer accounts in their crosshairs, Ahuvia said, warning that the gang plans to attempt to infiltrate computers in the U.S. with a little known Trojan malware program called Gozi Prinimalka.The malware is an updated version of a much older banking Trojan, Gozi, which was used by cyber criminals to steal millions of dollars from U.S. banks. The group’s plan apparently is to plant the Trojan program on numerous websites and to infect computers when users visit those sites.
The Trojan is triggered when the user of an infected computer types out certain words — such as the name of a specific bank — into a URL string. Unlike the original Gozi, the new version is capable not only of communicating with a central command-and-control server but also of duplicating the victim’s PC settings. The Trojan essentially supports a virtual machine cloning feature that can duplicate the infected PC’s screen resolutions, cookies, time zone, browser type and version and other settings. That allow the attacker to access a victim’s bank website using a computer that appears to have the infected PC’s real IP address and other settings, Ahuvia said. “Impersonated victims’ accounts will thus be accessed via a SOCKS proxy connection installed on their infected PCs, enabling the cloned virtual system to take on the genuine IP address when accessing the bank’s website,” she said in her alert. Victims of fraudulent wire transfers will not immediately know of the theft because the gang plans on using VoIP flooding software to prevent victims from getting bank notifications on their mobile devices, she added. Consumers need to ensure that their browsers are properly updated to protect against drive by downloads, she said. They also need to watch for any suspicious behavior or transactions on their accounts. RSA has also notified U.S. law enforcement and its own FraudAction Global Blocking Network about the threat, she said. Banks, meanwhile, should consider implementing stronger authentication procedures and anomaly detection tools for spotting unusual wire transfers. Oct 8, 2012 |
Copyright © 2012 SteveQuayle.com |
Anyone can join.
Anyone can contribute.
Anyone can become informed about their world.
"United We Stand" Click Here To Create Your Personal Citizen Journalist Account Today, Be Sure To Invite Your Friends.
Please Help Support BeforeitsNews by trying our Natural Health Products below!
Order by Phone at 888-809-8385 or online at https://mitocopper.com M - F 9am to 5pm EST
Order by Phone at 866-388-7003 or online at https://www.herbanomic.com M - F 9am to 5pm EST
Order by Phone at 866-388-7003 or online at https://www.herbanomics.com M - F 9am to 5pm EST
Humic & Fulvic Trace Minerals Complex - Nature's most important supplement! Vivid Dreams again!
HNEX HydroNano EXtracellular Water - Improve immune system health and reduce inflammation.
Ultimate Clinical Potency Curcumin - Natural pain relief, reduce inflammation and so much more.
MitoCopper - Bioavailable Copper destroys pathogens and gives you more energy. (See Blood Video)
Oxy Powder - Natural Colon Cleanser! Cleans out toxic buildup with oxygen!
Nascent Iodine - Promotes detoxification, mental focus and thyroid health.
Smart Meter Cover - Reduces Smart Meter radiation by 96%! (See Video).
What a perfect setup for a False Flag… the banks have to ‘close’ because of a ‘virus’ on a Friday. We’ll all wake up Monday and all of our money will be gone. Transferred to the Globalists while blamed on Cyber-terrorism… This would complete the Globalists raping of the US wealth, cause riots and explain why they’re getting ready for ML.
And guess who it is that REALLY will have all our money – the Bangsters themselves of course!
Perfect for cyber sercurity role out as well. man they think their so sneaky lol.
“The geek squad terrorist” ….. Uh… Oh ya that love the constitution and have guns, oh no! we must take away all of your rights and set up check points, have your children be growped by fat pervy slobes for your protection aswell.
I always thought cyberbanking was a bad way to leave the door to the safe wide open with a truck gassed up and in good repair hanging by the backdoor of the bank. With no guards. Or alarm. Windows 7. Believe me, Microsoft’s eggheads are not the only eggheads. Microsoft is aware of this. Thus, it is intuitively obvious that the Windows 7 banking system was made to hack and loot at will. Nerd theft.
Its law enforcement themselves who are staging this cyber attack. Hello??????????