Photo: Flickr/Don Hankins
McAfee and Guardian Analytics have discovered a highly sophisticated and ongoing cyber attack that has siphoned as much as $2.5 billion from bank accounts in Europe, the U.S. and Colombia.The attack, named “Operation High Roller,” does not require human participation but combines “an insider level of understanding of banking transaction systems” with both commercial and custom malicious code.
The two security firms found 60 servers processing thousands of attempted thefts from high-value commercial accounts, very rich individuals, credit unions, large global bank and regional banks by using “mule business accounts” that attempted transfers as high as $130,000.
The malware automatically finds a victim’s highest value account and transfers money to a prepaid debit card which can then be drained quickly and anonymously.
The code is an advanced version of two families of existing malicious software, known as Zeus and SpyEye, and can alter the target’s bank statement to conceal the theft.
Reuters, who first broke the story, reports:
Though written and controlled by different groups, SpyEye and Zeus share the ability to be installed on computers that visit malicious websites or legitimate pages that have been compromised by hackers, as well as through tainted links in emails…
The new software allows the criminal to siphon money out at all hours, potentially increasing the number of hacked accounts and the speed with which they are drained.
The report states that the “organised crime” behind the attacks have attempted $78 million in fraudulent transfers from accounts at 60 or more financial institutions, but the total attempted fraud could be as high as $2.5 billion if all of the attacks were as successful as the one uncovered in the Netherlands.
The Wall Street Journal reports that victims in the U.S. were companies with commercial accounts holding a minimum balance of several million dollars.
Business Insider Emails & Alerts
Site highlights each day to your inbox.