Russian gang defrauds bank customers with trojan

Swedish bank Nordea hit by country's biggest internet fraud as £600,000 goes missing from customer accounts.

A Russian criminal gang is suspected of being behind Sweden's biggest ever internet fraud.

Over 8 million kronor (nearly 600,000) disappeared in a three month period from accounts held at Swedish bank Nordea. The fraud was as a result of trojans launched by Russian criminals.

More than 250 victims have been identified and police have drawn up a list of 121 suspects. New victims are coming forward to police on a daily basis.

The bank had known about the fraud for some time, but had chosen not to make it public, according to IT publication Computer Sweden.

The first attack took place last September and an investigation by the police found that the trojan was activated when bank customers entered their log in details. Customers then received an error message and their details were passed via servers in the US to the fraudsters based in Russia.

Nordea issued a statement that the bank will compensate the victims of the fraud and would be "continuously reviewing its security procedures."

Security experts said this type of fraud could have been easily avoided.

"It shouldn't really have happened, given all that we've been told about what to be aware of in terms of what banks do and don't ask us for as individual customers," said Greg Day, security analyst at McAfee.

"Nordea have been hit with a tailor-made trojan, encouraging clients to download a spam fighting application, which actually led to infection by the trojan haxdoor.ki, which activates itself when users tries to log in."

He said the trojan then saves the information and displays an error message asking the client to resend the info. "The criminals then have two access codes in their possession which is enough to transfer money."

Featured Resources

Become a digital service provider

How to transform your business from network core to edge

Download now

Optimal business results with the cloud

Evaluating the best approaches to hybrid cloud adoption

Download now

Virtualisation that enables choices, not compromises

Harness the virtualisation technology that's right for your hybrid infrastructure

Download now

Email security threat report 2020

Four key trends from spear fishing to credentials theft

Download now

Recommended

How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
Weekly threat roundup: Microsoft Defender, Adobe, Mimecast
vulnerability

Weekly threat roundup: Microsoft Defender, Adobe, Mimecast

14 Jan 2021
Mimecast admits hackers accessed users’ Microsoft accounts
Security

Mimecast admits hackers accessed users’ Microsoft accounts

13 Jan 2021
What is public key infrastructure (PKI)?
Security

What is public key infrastructure (PKI)?

12 Jan 2021

Most Popular

How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021
The fate of Parler exposes the reality of deregulated social media
Policy & legislation

The fate of Parler exposes the reality of deregulated social media

14 Jan 2021
Should IT departments to call time on WhatsApp?
communications

Should IT departments to call time on WhatsApp?

15 Jan 2021