This is according to researchers who peered into the computers of the hacking gangs.
The groups used recent improvements to two families of existing malicious software, known as Zeus and SpyEye, which lodged on the computers of clients at 60 banks.
While previous versions of the software have proved adept at stealing logon information, the latest variants automate the subsequent transfer of funds to accounts controlled by accomplices.
The findings, to be released on Tuesday by security firms McAfee and Guardian Analytics, confirmed and expanded on research from Japan-based Trend Micro Inc that was first reported last week by Reuters.
“This looks like the beginning of a new technique,” said Guardian’s Vice President Craig Priess, whose firm specializes in protecting banks.
The software is sophisticated enough to defeat “chip and PIN” and other two-factor authentication and to avoid transferring the entire contents of an account at one time, which can trigger review, according to the study.
Trend Micro said it had seen the automated versions in action in Germany, the United Kingdom and Italy.
Guardian and Intel Corp-owned McAfee said the same technology, while still emerging, had been used by a dozen gangs against consumers and business clients of financial institutions in those countries and Colombia, the Netherlands, and the United States.
“Someone designing this system has insider knowledge as to what the banks are looking for,” said Dave Marcus, research director at Mcafee Labs.
Server logs viewed by the researchers saw commands from the fraud rings to transfer a total of $78 million, including $130000 from one account. The banks may have been able to block some of those transactions, the researchers acknowledged.
Money mules
Though written and controlled by different groups, SpyEye and Zeus share the ability to be installed on computers that visit malicious websites or legitimate pages that have been compromised by hackers, as well as through tainted links in emails.
The programs already have used a technique called “web injection” to generate new entry fields when victims log on to any number of banks or other sensitive websites. Instead of seeing a bank ask for an account number and password, for example, a victimized user sees requests for both of those and an ATM card number. All that information is sent to the hacker, who signs in and transfers money to an accomplice’s account.
Those transfers can be time-consuming, and the hacker has to consider how much can be sent at once without drawing attention.
Multiple, smaller transfers are preferable but take more time.
For the past year or more, some variants have also captured one-time passwords, such as those sent from the banks by text messages to client cell phones as an added security measure. But a hacker had to be online within 30 or 60 seconds in order to use the one-time password.
The new software allows the criminal to siphon money out at all hours, potentially increasing the number of hacked accounts and the speed with which they are drained.
Brett Stone-Gross, a senior security researcher with Dell Inc unit Dell SecureWorks, said previously that the main limiting factor for crime groups is the number of accomplices, known as money mules, that they can hire to accept transfers from victim accounts. Automation will not lessen the need for mules, Stone-Gross said.
Trend Micro spoke online with sellers of the automated transfer modules who were based in Russia, Ukraine and Romania, where arrests and prosecutions are rare. It said the new software costs between $300 and $4000.
Banks generally compensate individuals in full for such losses if they are detected quickly. But recent versions of SpyEye and Zeus can present fake account balances to individual bank customers, so they might not realize their savings are being drained until too late.
2 komentar:
Selling USA FRESH SSN Leads/Fullz, along with Driving License/ID Number with good connectivity.
**PRICE FOR ONE LEAD/FULLZ 2$**
All SSN's are Tested & Verified. Fresh spammed data.
**DETAILS IN LEADS/FULLZ**
->FULL NAME
->SSN
->DATE OF BIRTH
->DRIVING LICENSE NUMBER
->ADDRESS WITH ZIP
->PHONE NUMBER, EMAIL
->EMPLOYEE DETAILS
->Bulk order negotiable
->Minimum buy 25 to 30 leads/fullz
->Hope for the long term business
->You can asked for specific states too
**Contact 24/7**
Whatsapp > +923172721122
Email > leads.sellers1212@gmail.com
Telegram > @leadsupplier
ICQ > 752822040
FULLZ AVAILABLE
Fresh & valid spammed USA SSN+Dob Leads with DL available in bulk.
>>1$ each SSN+DOB
>>3$ each with SSN+DOB+DL
>>5$ each for premium fullz (700+ credit score with replacement guarantee)
Prices are negotiable in bulk order
Serious buyer contact me no time wasters please
Bulk order will be preferable
CONTACT
Telegram > @leadsupplier
ICQ > 752822040
Email > leads.sellers1212@gmail.com
OTHER STUFF YOU CAN GET
SSN+DOB Fullz
CC's with CVV's (vbv & non-vbv)
USA Photo ID'S (Front & back)
All type of tutorials available
(Carding, spamming, hacking, scam page, Cash outs, dumps cash outs)
SMTP Linux Root
DUMPS with pins track 1 and 2
WU & Bank transfers
Socks, rdp's, vpn
Php mailer
Sql injector
Bitcoin cracker
Server I.P's
HQ Emails with passwords
All types of tools & tutorials.. & much more
Looking for long term business
For trust full vendor, feel free to contact
CONTACT
Telegram > @leadsupplier
ICQ > 752822040
Email > leads.sellers1212@gmail.com
Post a Comment