Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
McAfee Prepare for Blitzkrieg mass fraud campaign
SANTA CLARA, Calif. (12/17/12)--While several big banks were fending off distributed denial of service attacks last week, security firm McAfee was warning financial institutions about a substantially higher risk--"Project Blitzkrieg," in which Russian cybercriminals would use  massive fake wire transfers to steal millions from 30 U.S. large financial institutions.

In a report released Thursday, McAfee said the mass cyberheist campaign could come before spring of 2013 and that the project is "a credible threat to the financial industry and appears to be moving forward as planned" (Christian Science Monitor and CNet Dec. 13).

The project was exposed in October when mastermind hacker "vorVzakone" (translated as "thief in law") posted notices in an underground criminal online forum seeking accomplices. The hacker posted pictures of his computer setup, screenshots of his malware, and a general description of the plan to organize an army of 100 "botmasters" to attack the banks, said the Christian Science Monitor.

The plot has progressed since it was first discovered in October by Bedford, Mass.-based RSA, the cybersecurity division of EMC, whose researchers wrote about it in a blog post. They said that thieves had been using their system since April, had transferred $5 million so far and had at the time infected up to 500 institutions.

"If the aims of Project Blitzkrieg, as vor Vzakone has claimed, become fully realized by Spring 2013, the financial industry needs to be fully prepared," said McAfee in Thursday's warning.

A key feature of the plot is to purchase computerized "phone flooding" equipment to prevent banks from calling or texting their customers to verify the wire transfer requests. The thieves, however, could call the bank and claim to approve the transfers.

However, instead of targeting thousands of people, the attackers may go after smaller, more select groups, McAfee predicted (The Huffington Post Dec. 13).  This would mean the attackers could transfer millions with fewer infections. The fewer infections, the less likely the thieves would be detected by defense networks, said Post.

Among the banks being targeted, the study indicated, were Fidelity, Charles Schwab, PayPal, Citibank, Wachovia, Wells Fargo, and Capital One.
Other Resources

RSS print
News Now LiveWire
The Hill reports House Republicans plan to delay Aug. recess to stay in D.C. until they have enough votes to pass bill on border crisis.
18 hours ago
The FHLBs of Des Moines and Seattle announce they have entered into an exclusivity arrangement regarding potential merger of the 2 entities.
18 hours ago
SunCorp and @AlloyaCorp have announced their intent to merge.
21 hours ago
.@TheNCUA bars former employee of Southwest Communities FCU,Melissa Rosing,from work at any federally insured FI. http://t.co/owtVnPxVZT
21 hours ago
Fryzel added @TheNCUA is fed. governmt, thereby will B criticized, but always tried 2 do what is right. McWatters still 2 B sworn in.2of2
23 hours ago