McAfee uncovers Europe-wide bank fraud scam

News
By Caroline Donnelly, Xin Li
published

Security vendor hails discovery of malware-mediated bank fraud in new report.

Credit card scam

Security vendor McAfee claims a malware-mediated banking fraud ring has attempted to steal up to 2 billion from accounts in Europe, the United States and Columbia.

In a report, co-authored by McAfee and bank security specialist Guardian Analytics, it is claimed the fraudsters used Zeus and SpyEye malware to siphon off large sums of money from high balance accounts across the globe.

The attack moves quickly and seems worthy of the term 'organised crime'.

However, unlike other Zeus and SpyEye mediated banking scams, this one is far more sophisticated and scalable, the report claims.

"Unlike standard attacks that typically feature live and manual interventions, we have discovered at least a dozen groups now using server-side components and heavy automation," the report states.

"With no human participation required, each attack moves quickly and scales neatly...[and] combines an insider level of understanding of banking transactions systems that appears to be worthy of the term organised crime'."

The report, entitled Dissecting Operation High Roller, includes case studies from different countries where the banking scam has been detected.

In Germany, the hackers targeted 176 accounts whose collective balances exceeded 8 million.

Meanwhile, in the Netherlands, more than 5,000 business accounts were compromised, with the fraudsters attempting to make off with 35.6 million.

During an attack in Colombia, more than a dozen businesses were attacked and each of them had an account balance of between US$500,000 and US$2 million.

David Marcus, director of security research at McAfee, said the report's findings show that cloud-based services are becoming increasingly popular attack targets for fraudsters.

"Building on established Zeus and SpyEye tactics, this [banking fraud] ring adds many breakthroughs, [including] bypasses for physical chip and pin' authentication, automated mule account databases, server-based fraudulent transactions, and attempted transfers to mule business accounts as high as 100,000," said Marcus in a blog post.

Caroline Donnelly
Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.