Trillium Software
     

13/8/2010

By Neil Ainger

A Zeus v2.0 botnet in control of more than 100,000 computers is being used to steal online bank account and card details from unsuspecting customers in the UK, according to the security firm Trusteer.

Run from Eastern Europe, the botnet has been used by criminals to gather account identities, logins, credit and debit card numbers, bank statements, even browser cookies, all so that the data harvested from the keylogger virus can be used for fraudulent ends.

The scam was discovered by Trusteer, who have alerted UK law enforcement agencies, when they gained access to the botnet’s drop servers and command and control centre, which contained the stolen information, including hundreds of thousands of identities, credentials, passwords and so forth. One of the four major UK High Street banks is believed to be the focus of the attack.

“This is just one out of many Zeus 2.0 botnets operating all over the world,” says Amit Klein, Trusteer’s chief technology officer. “What is especially worrying is that this botnet doesn’t just stop at user IDs and passwords. By harvesting client side certificates and cookies, the cybercriminals can extract a lot of extra information on the user, which can be used to augment illegal access to those users’ online accounts.”

“Coupled with the ability to remotely control users’ machines, download data and run any file on them, this means that the fraudsters can insert partial or complete internet pages into a live web session, enabling them to inject transactions at will or extract even more data from the hapless victims,” he added.

This is another example , claims Klein, of the growing trend towards regional malware where cybercriminals operate targeted and segmented attacks on users, harvesting revenue from one bank’s users on one day, and, as that bank’s security systems ramp up, moving on to another regional bank the next day; in this case the UK has been targeted.

• In other news, the Metropolitan Police’s Central e-Crime Unit (PCeU) arrested six people in London who stole millions of pounds after phishing the personal details of in excess of 20,000 people across the UK and Ireland. The Irish Garda was involved in the investigation, which included a raid on a property in County Meath, Ireland, as part of the wider Operation Dynamophone investigation that is targeting a network of fraudsters.

According to the PCeU, 10,000 online bank accounts and the same number of credit card details were stolen in the UK by the criminal gang. The former resulted in £358,000 in stolen proceeds, with many more millions unsuccessfully targeted by the fraudsters, while card losses could run into the millions.

Home     More News


Other stories you may find of interest:

New worm-based financial malware
The 18 month old file infecting worm Win32.Ramnit has morphed into financial malware and is actively attacking banks to commit online fraud

worldpay_240ct2011


markevans


FStech Whitepapers
Single Customer View in Financial Service
This white paper outlines what a single customer view is and what the UK requirements are, why this represents best practice and how it can be advantageous to the business, and the techniques and technologies that will be most effective in establishing and maintaining such an approach.
TATA Consultancy Services - Cloud Computing
Cloud computing is the convergence of virtualization, distributed applications, grid, maturity of enterprise software applications and enterprise IT management.
Genesys. Sustained Management: Changing the Game with Genesys iWD
The article explains how Genesys intelligent Workload Distribution (iWD) has the power to change the game in the contact center space based on new visibility into tracking, reporting, and performance management
Research Study: The Revolution in Self-Service Channels in the Financial Services Sector
This report analyses the growth of consumer self-service channels in key areas of the Financial Services Market
Genesys. Staffing and Workload Management:
Fleshes out the importance of properly managing contact center and back office work, especially through the alignment of employee skill sets.
Genesys. The Importance of Proper Hiring, Training, Career Path Development, Skilling, and Routing
Which explains why it is imperative to implement these factors correctly in the contact center and back office to ensure competent customer interactions.
Genesys. Rethinking Contact Center and Back Office Processes:
The Challenges of Achieving Balance and Consistency
SVC Analysis Report
Getting value from a single customer view?

This website is a part of Perspective Publishing Limited, registered in England No 2876166.