Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

DoS Attacks' Next Target: Cell Phones
NEW YORK (6/3/13)--Banks and credit unions that were hit earlier this year by a series of distributed denial of service (DDoS) attacks on their online banking sites may have seen nothing yet. The next wave of targets will include using hijacked "botnets" of mobile phones of unsuspecting consumers to unleash attacks on call centers, web servers, financial accounts and even the stock market.

Smartphones are a quieter but more serious threat to financial institutions because mobile malware can be used to conduct telephony denial of service (TDoS) attacks--with high volumes of calls that tie up the target's the system so it cannot receive legitimate calls-- as well as steal mobile banking credentials to withdraw funds from accounts,  said the American Banker (May 30).

Authorities, including the Department of Homeland Security, in April were investigating an extortion scheme that hit public safety communications, hospitals and ambulance services. The scheme started with a phone call to an organization from someone claiming to be a collections company for payday loans. The caller, often with an accent, asked to speak with an employee about outstanding debt. If he didn't get payment, he launched a TDoS attack, with a continual stream of calls for an extended time that prevented legitimate incoming and outgoing calls.

A caller could use the TDoS attack in combination with Zeus or Zitmo malware against a financial institution's contact center, said Frost & Sullivan Principal Consultant Jarad Carleton in the article. The malware would coordinate a botnet of thousands of consumer smartphones--without the phone owners' knowledge-- with TDoS attacks on call centers or Web servers.

Other related frauds include:

  • Hijacking a mobile phone to call an organization's Information Technology department to change passwords. The caller ID would be proof of identification, and the consumer would be blamed.
  • Installing  malware on consumers' phones to intercept SMS messages and reroute them to a hacker, who transfers funds from the consumers' account.
  • Targeting company CEOs and using phones to eavesdrop on conversations or employing the phone's camera to watch. Once they capture the intelligence they want, the hackers can manipulate the stock market with a buying or selling spree, the article concluded.

News Now LiveWire
.@CUNA says new House bill is "further evidence" of lawmakers' interest in how @TheNCUA uses its funds from CUs. See News Now Monday.
1 hour ago
.@MECreditUnions announces winner of @YoungFreeME #SoundOff contest. @Sassquatch_Band will play Old Port Festival in June @PDD_Downtown
1 day ago
House Financial Services Com. to hold March 3 hearing to receive the semi-annual report of @CFPB Director Richard Cordray.
1 day ago
Rep. Jeff Miller (R-Fla.) re-introduced bill to ease veterans' access to loans for #smallbusiness purposes from a #creditunion (HR 1133)
1 day ago
You can get your subscription to @cuna 's free, daily, online #creditunion #news service News Now here:
1 day ago