Cybercrime: A new kind of bank robbery

2009-10-01

Cybercriminals seem to be coming up with new ways to make their money. Now it seems they have developed new techniques to rob online bank accounts, according to research from Finjan's Malicious Code Research Center (MCRC).

These new techniques add functionality designed to reduce detection by standard anti-fraud technologies used by banks and Finjan believes that the new ways of attacking are part of a new trend that will grow.

"As reported previously by Finjan, cybercriminals continue to follow the money, with bank accounts steadily remaining a favourite among their targets. To avoid detection, cybercriminals continue to improve their methodologies for stealing money and going under the radar from the victims and banks alike," explained Yuval Ben-Itzhak, chief technology officer of Finjan.

He noted that cybercriminals are using "sophisticated Trojans for the theft and money mules to transfer stolen money to their accounts", thereby minimising the chances of being caught.

The Finjan report picked up on one case where a cyber gang were able to steal €300,000 [convert?] in 22 days. They used a variety of techniques, leveraging compromised legitimate websites as well as fake websites. Crimeware toolkit LuckySpoilt was used to infect visitors.

Once infected, a bank Trojan was installed on the victims' machines and initiated communication with its Command & Control server for instructions, which included how much was to be stolen from what accounts and to where the money mules would take the funds. The Trojan was able to forge onscreen bank statements, hiding the true transaction amount to trick the account holders and their banks.

This case marked "a whole new level of cybercrime sophistication" in the methods employed by cybercriminals, Mr Ben-Itzhak added.

Finjan recently welcomed the fact that Twitter had started checking URLs entered into user messages on its microblogging service, as the social media site looks to keep its users safe.

Read more security news.