Russian gang defrauds bank customers with trojan

Swedish bank Nordea hit by country's biggest internet fraud as £600,000 goes missing from customer accounts.

A Russian criminal gang is suspected of being behind Sweden's biggest ever internet fraud.

Over 8 million kronor (nearly 600,000) disappeared in a three month period from accounts held at Swedish bank Nordea. The fraud was as a result of trojans launched by Russian criminals.

More than 250 victims have been identified and police have drawn up a list of 121 suspects. New victims are coming forward to police on a daily basis.

The bank had known about the fraud for some time, but had chosen not to make it public, according to IT publication Computer Sweden.

The first attack took place last September and an investigation by the police found that the trojan was activated when bank customers entered their log in details. Customers then received an error message and their details were passed via servers in the US to the fraudsters based in Russia.

Nordea issued a statement that the bank will compensate the victims of the fraud and would be "continuously reviewing its security procedures."

Security experts said this type of fraud could have been easily avoided.

"It shouldn't really have happened, given all that we've been told about what to be aware of in terms of what banks do and don't ask us for as individual customers," said Greg Day, security analyst at McAfee.

"Nordea have been hit with a tailor-made trojan, encouraging clients to download a spam fighting application, which actually led to infection by the trojan haxdoor.ki, which activates itself when users tries to log in."

He said the trojan then saves the information and displays an error message asking the client to resend the info. "The criminals then have two access codes in their possession which is enough to transfer money."

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

Data breach exposes widespread fake reviews on Amazon
data breaches

Data breach exposes widespread fake reviews on Amazon

7 May 2021
TsuNAME vulnerability could enable DDoS attacks on major DNS servers
distributed denial of service (DDOS)

TsuNAME vulnerability could enable DDoS attacks on major DNS servers

7 May 2021
What are SSH keys?
cyber security

What are SSH keys?

7 May 2021
Google’s about to push everyone into two-factor authentication
Security

Google’s about to push everyone into two-factor authentication

6 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021