Hackers clean out 3000 bank accounts
Date of Publishing:12/8/2010
Use Virus To Show Clients Fake Statements, Steal £675k
London: In one of the most sophisticated cyber attacks, hackers have robbed nearly £675,000 from about 3,000 online bank accounts in UK.
The scam was carried out by using a computer virus — described by experts as the most dangerous malware programme ever created — that emptied the bank accounts while showing customers fake statements, the Daily Mail reported. Internet security firm M86 Security, which discovered the scam, said the hackers stole a total of £675,000 from the unnamed British bank.
"We've never seen such a sophisticated and dangerous threat. Always check your balance and have a good idea of what it is," the security firm said. The latest virus is a variant of the Zeus trojan banking virus which first emerged 3 years ago and is called Zeus v3.
Researchers at M86 Security said the virus attacked the systems when victims were browsing the net. It swiped the online banking ID of the customers and hijacked their online banking accounts. The malware was designed to attack only those accounts which had substantial balance, it said.
Bank sites that offer two-factor authentication, such as onetime passcodes and ID tokens, are ineffective because the malware has taken over the browser after the victim has logged into the banking site, Bradley Anstis, vice president of technology strategy at M86 Security, told CNET.
Meanwhile, British high street banks do not believe they have become victims of the cyber criminals. A spokesman for HSBC said, "There are millions of viruses and other malicious software. We urge people to take basic measure to protect themselves from virus attacks. Any customer who is a victim of fraud will be reimbursed by HSBC."
However, M86 said it believed one high street bank was breached and failed to act quickly after warnings last month. More than 100,000 PCs in Britain have been infected with other forms of the trojan virus. According to Financial Fraud Action UK, about £59.7 million was lost to online banking fraud last year. Another £440 million was lost to credit card fraud. AGENCIES
Web Resource for Reference of the Above Mentioned Article: