Russian gang defrauds bank customers with trojan
Swedish bank Nordea hit by country's biggest internet fraud as £600,000 goes missing from customer accounts.
A Russian criminal gang is suspected of being behind Sweden's biggest ever internet fraud.
Over 8 million kronor (nearly 600,000) disappeared in a three month period from accounts held at Swedish bank Nordea. The fraud was as a result of trojans launched by Russian criminals.
More than 250 victims have been identified and police have drawn up a list of 121 suspects. New victims are coming forward to police on a daily basis.
The bank had known about the fraud for some time, but had chosen not to make it public, according to IT publication Computer Sweden.
The first attack took place last September and an investigation by the police found that the trojan was activated when bank customers entered their log in details. Customers then received an error message and their details were passed via servers in the US to the fraudsters based in Russia.
Nordea issued a statement that the bank will compensate the victims of the fraud and would be "continuously reviewing its security procedures."
Security experts said this type of fraud could have been easily avoided.
"It shouldn't really have happened, given all that we've been told about what to be aware of in terms of what banks do and don't ask us for as individual customers," said Greg Day, security analyst at McAfee.
"Nordea have been hit with a tailor-made trojan, encouraging clients to download a spam fighting application, which actually led to infection by the trojan haxdoor.ki, which activates itself when users tries to log in."
He said the trojan then saves the information and displays an error message asking the client to resend the info. "The criminals then have two access codes in their possession which is enough to transfer money."
Become a digital service provider
How to transform your business from network core to edgeDownload now
Optimal business results with the cloud
Evaluating the best approaches to hybrid cloud adoptionDownload now
Virtualisation that enables choices, not compromises
Harness the virtualisation technology that's right for your hybrid infrastructureDownload now
Email security threat report 2020
Four key trends from spear fishing to credentials theftDownload now