Bulls-Eye on the Banks - Again

by lg0p89

For some reason, people think banks are faceless entities and they can do whatever they wish.

Every week, it seems like I read about attacks on the banking industry.  These could come in the form of DDoS, Trojans, etc., and the effects can be significant.  It has become interesting to read about all of the nuances of these as people get more creative.

The latest that is coming down the pipeline (allegedly) is a Trojan focused on around 30 banks.  The targets are apparently set to be the larger national banks.  These are being targeted for the massive amounts of money present (when a certain large national bank that starts with a "C" can lose two billion dollars and not blink an eye, there is ample cheese there to be had), the opportunities to wire (Automatic Clearing House) large amounts of funds out of the bank, the ability to structure the wires to reduce suspicion (so the activity won't be detected as quickly), the large number of IP addresses that appear to be easy pickings (more targets to attack versus a small community bank), etc.

Although these banks have the software and algorithms to detect this, the anomalous behavior may not be picked up immediately.  By the time checks start to bounce in the victims' accounts, the money is spent!  Also, many of these banks don't use two-factor authentication.

The attacks could occur at any time.  The leader of the bunch is working to recruit at least 100 botmasters.  There may be up to six or eight different types of attacks used here.

This round of attacks does appear to be very well organized.  They did their research on the banks.  If this works out, it could be one of the largest coordinated hacks.  This is being engineered to be much like the Gozi Trojan.  Once the PCs have been cloned and they are accessing the accounts, the victims wouldn't be able to check their accounts (due apparently to a DDoS attack on the bank) until the money was gone and sent away to the four corners of the globe, or at least somewhere nice and warm.

As always, be wary!
