Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
McAfee Prepare for Blitzkrieg mass fraud campaign
SANTA CLARA, Calif. (12/17/12)--While several big banks were fending off distributed denial of service attacks last week, security firm McAfee was warning financial institutions about a substantially higher risk--"Project Blitzkrieg," in which Russian cybercriminals would use  massive fake wire transfers to steal millions from 30 U.S. large financial institutions.

In a report released Thursday, McAfee said the mass cyberheist campaign could come before spring of 2013 and that the project is "a credible threat to the financial industry and appears to be moving forward as planned" (Christian Science Monitor and CNet Dec. 13).

The project was exposed in October when mastermind hacker "vorVzakone" (translated as "thief in law") posted notices in an underground criminal online forum seeking accomplices. The hacker posted pictures of his computer setup, screenshots of his malware, and a general description of the plan to organize an army of 100 "botmasters" to attack the banks, said the Christian Science Monitor.

The plot has progressed since it was first discovered in October by Bedford, Mass.-based RSA, the cybersecurity division of EMC, whose researchers wrote about it in a blog post. They said that thieves had been using their system since April, had transferred $5 million so far and had at the time infected up to 500 institutions.

"If the aims of Project Blitzkrieg, as vor Vzakone has claimed, become fully realized by Spring 2013, the financial industry needs to be fully prepared," said McAfee in Thursday's warning.

A key feature of the plot is to purchase computerized "phone flooding" equipment to prevent banks from calling or texting their customers to verify the wire transfer requests. The thieves, however, could call the bank and claim to approve the transfers.

However, instead of targeting thousands of people, the attackers may go after smaller, more select groups, McAfee predicted (The Huffington Post Dec. 13).  This would mean the attackers could transfer millions with fewer infections. The fewer infections, the less likely the thieves would be detected by defense networks, said Post.

Among the banks being targeted, the study indicated, were Fidelity, Charles Schwab, PayPal, Citibank, Wachovia, Wells Fargo, and Capital One.
Other Resources

RSS





print
News Now LiveWire
Sony hack linked to N. Korea, says U.S.intelligence via @nytimes http://t.co/fE3PtMgEFz
11 hours ago
.@CUNAMutualGroup Klewin shares final thoughts, forecast on lending regulations with @cumagazine before retiring http://t.co/v78QY3QwqB
14 hours ago
Current @CUNA COO @JillTomalin promoted to deputy chief of staff
14 hours ago
#CU Effect:@ChartwayFCU 'branch of the future' 2 benefit members, staff. 2nd installment of new News Now series here:http://t.co/ImBY4nupEj
15 hours ago
U.K. regulators have given formal authorization for the @c_of_e to form a #creditunion.
15 hours ago