Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
McAfee Prepare for Blitzkrieg mass fraud campaign
SANTA CLARA, Calif. (12/17/12)--While several big banks were fending off distributed denial of service attacks last week, security firm McAfee was warning financial institutions about a substantially higher risk--"Project Blitzkrieg," in which Russian cybercriminals would use  massive fake wire transfers to steal millions from 30 U.S. large financial institutions.

In a report released Thursday, McAfee said the mass cyberheist campaign could come before spring of 2013 and that the project is "a credible threat to the financial industry and appears to be moving forward as planned" (Christian Science Monitor and CNet Dec. 13).

The project was exposed in October when mastermind hacker "vorVzakone" (translated as "thief in law") posted notices in an underground criminal online forum seeking accomplices. The hacker posted pictures of his computer setup, screenshots of his malware, and a general description of the plan to organize an army of 100 "botmasters" to attack the banks, said the Christian Science Monitor.

The plot has progressed since it was first discovered in October by Bedford, Mass.-based RSA, the cybersecurity division of EMC, whose researchers wrote about it in a blog post. They said that thieves had been using their system since April, had transferred $5 million so far and had at the time infected up to 500 institutions.

"If the aims of Project Blitzkrieg, as vor Vzakone has claimed, become fully realized by Spring 2013, the financial industry needs to be fully prepared," said McAfee in Thursday's warning.

A key feature of the plot is to purchase computerized "phone flooding" equipment to prevent banks from calling or texting their customers to verify the wire transfer requests. The thieves, however, could call the bank and claim to approve the transfers.

However, instead of targeting thousands of people, the attackers may go after smaller, more select groups, McAfee predicted (The Huffington Post Dec. 13).  This would mean the attackers could transfer millions with fewer infections. The fewer infections, the less likely the thieves would be detected by defense networks, said Post.

Among the banks being targeted, the study indicated, were Fidelity, Charles Schwab, PayPal, Citibank, Wachovia, Wells Fargo, and Capital One.
Other Resources


News Now LiveWire
Through the snow, be on the lookout for a @CU4Kids @CMNHospitals @COOPFS billboard in @TimesSquareNYC this week
12 hours ago
.@CUNA , trades unite to urge Congress on #datasecurity action
15 hours ago
State of Wash. @dficonsumers has expanded its CAMEL ratings to include an "S" for interest-rate sensitivity.
16 hours ago
.@HUDgov tweets: Be sure to tune in tonight to watch @SecretaryCastro on @TheDailyShow with Jon Stewart
16 hours ago
.@NJCUL Southern Chapter meeting canceled due to the impending snowstorm
16 hours ago