SANTA CLARA, Calif. (12/17/12)--While several big banks were fending off distributed denial of service attacks last week, security firm McAfee was warning financial institutions about a substantially higher risk--"Project Blitzkrieg," in which Russian cybercriminals would use massive fake wire transfers to steal millions from 30 U.S. large financial institutions.
In a report released Thursday, McAfee said the mass cyberheist campaign could come before spring of 2013 and that the project is "a credible threat to the financial industry and appears to be moving forward as planned" (Christian Science Monitor and CNet Dec. 13).
The project was exposed in October when mastermind hacker "vorVzakone" (translated as "thief in law") posted notices in an underground criminal online forum seeking accomplices. The hacker posted pictures of his computer setup, screenshots of his malware, and a general description of the plan to organize an army of 100 "botmasters" to attack the banks, said the Christian Science Monitor.
The plot has progressed since it was first discovered in October by Bedford, Mass.-based RSA, the cybersecurity division of EMC, whose researchers wrote about it in a blog post. They said that thieves had been using their system since April, had transferred $5 million so far and had at the time infected up to 500 institutions.
"If the aims of Project Blitzkrieg, as vor Vzakone has claimed, become fully realized by Spring 2013, the financial industry needs to be fully prepared," said McAfee in Thursday's warning.
A key feature of the plot is to purchase computerized "phone flooding" equipment to prevent banks from calling or texting their customers to verify the wire transfer requests. The thieves, however, could call the bank and claim to approve the transfers.
However, instead of targeting thousands of people, the attackers may go after smaller, more select groups, McAfee predicted (The Huffington Post Dec. 13). This would mean the attackers could transfer millions with fewer infections. The fewer infections, the less likely the thieves would be detected by defense networks, said Post.
Among the banks being targeted, the study indicated, were Fidelity, Charles Schwab, PayPal, Citibank, Wachovia, Wells Fargo, and Capital One.