Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

CU System
McAfee Prepare for Blitzkrieg mass fraud campaign
SANTA CLARA, Calif. (12/17/12)--While several big banks were fending off distributed denial of service attacks last week, security firm McAfee was warning financial institutions about a substantially higher risk--"Project Blitzkrieg," in which Russian cybercriminals would use  massive fake wire transfers to steal millions from 30 U.S. large financial institutions.

In a report released Thursday, McAfee said the mass cyberheist campaign could come before spring of 2013 and that the project is "a credible threat to the financial industry and appears to be moving forward as planned" (Christian Science Monitor and CNet Dec. 13).

The project was exposed in October when mastermind hacker "vorVzakone" (translated as "thief in law") posted notices in an underground criminal online forum seeking accomplices. The hacker posted pictures of his computer setup, screenshots of his malware, and a general description of the plan to organize an army of 100 "botmasters" to attack the banks, said the Christian Science Monitor.

The plot has progressed since it was first discovered in October by Bedford, Mass.-based RSA, the cybersecurity division of EMC, whose researchers wrote about it in a blog post. They said that thieves had been using their system since April, had transferred $5 million so far and had at the time infected up to 500 institutions.

"If the aims of Project Blitzkrieg, as vor Vzakone has claimed, become fully realized by Spring 2013, the financial industry needs to be fully prepared," said McAfee in Thursday's warning.

A key feature of the plot is to purchase computerized "phone flooding" equipment to prevent banks from calling or texting their customers to verify the wire transfer requests. The thieves, however, could call the bank and claim to approve the transfers.

However, instead of targeting thousands of people, the attackers may go after smaller, more select groups, McAfee predicted (The Huffington Post Dec. 13).  This would mean the attackers could transfer millions with fewer infections. The fewer infections, the less likely the thieves would be detected by defense networks, said Post.

Among the banks being targeted, the study indicated, were Fidelity, Charles Schwab, PayPal, Citibank, Wachovia, Wells Fargo, and Capital One.
Other Resources

RSS





print
News Now LiveWire
.@LACULeague in @DailyComet: #creditunions' "old" benefits attractive to new generation http://t.co/AzOv3nB7IB
1 day ago
At @FTC request, court halts operations of an alleged debt-relief scammer calling itself “FTC Credit Solutions.” http://t.co/qMsDBmKExH
1 day ago
.@daytondailynews : The secret is out about #creditunions http://t.co/Aqu3pFTROV @DayAirCU @CODECreditUnion
1 day ago
.@CUNA's @Nussle on @SenatorReid :(2of2)On behalf of more than 102M #CU members,I thank him 4 his leadership over the yrs/wish him the best.
1 day ago
.@CUNA CEO Nussle on Sen. Reid’s decision not 2 seek re-election (1of2): Sen. Reid has a long history of #CU support throughout his career.
1 day ago