Security vendor McAfee claims a malware-mediated banking fraud ring has attempted to steal up to 2 billion from accounts in Europe, the United States and Columbia.
In a report, co-authored by McAfee and bank security specialist Guardian Analytics, it is claimed the fraudsters used Zeus and SpyEye malware to siphon off large sums of money from high balance accounts across the globe.
The attack moves quickly and seems worthy of the term 'organised crime'.
However, unlike other Zeus and SpyEye mediated banking scams, this one is far more sophisticated and scalable, the report claims.
"Unlike standard attacks that typically feature live and manual interventions, we have discovered at least a dozen groups now using server-side components and heavy automation," the report states.
"With no human participation required, each attack moves quickly and scales neatly...[and] combines an insider level of understanding of banking transactions systems that appears to be worthy of the term organised crime'."
The report, entitled Dissecting Operation High Roller, includes case studies from different countries where the banking scam has been detected.
In Germany, the hackers targeted 176 accounts whose collective balances exceeded 8 million.
Meanwhile, in the Netherlands, more than 5,000 business accounts were compromised, with the fraudsters attempting to make off with 35.6 million.
During an attack in Colombia, more than a dozen businesses were attacked and each of them had an account balance of between US$500,000 and US$2 million.
David Marcus, director of security research at McAfee, said the report's findings show that cloud-based services are becoming increasingly popular attack targets for fraudsters.
"Building on established Zeus and SpyEye tactics, this [banking fraud] ring adds many breakthroughs, [including] bypasses for physical chip and pin' authentication, automated mule account databases, server-based fraudulent transactions, and attempted transfers to mule business accounts as high as 100,000," said Marcus in a blog post.
