McAfee uncovers Europe-wide bank fraud scam

Security vendor hails discovery of malware-mediated bank fraud in new report.

Credit card scam

Security vendor McAfee claims a malware-mediated banking fraud ring has attempted to steal up to 2 billion from accounts in Europe, the United States and Columbia.

In a report, co-authored by McAfee and bank security specialist Guardian Analytics, it is claimed the fraudsters used Zeus and SpyEye malware to siphon off large sums of money from high balance accounts across the globe.

The attack moves quickly and seems worthy of the term 'organised crime'.

However, unlike other Zeus and SpyEye mediated banking scams, this one is far more sophisticated and scalable, the report claims.

"Unlike standard attacks that typically feature live and manual interventions, we have discovered at least a dozen groups now using server-side components and heavy automation," the report states.

"With no human participation required, each attack moves quickly and scales neatly...[and] combines an insider level of understanding of banking transactions systems that appears to be worthy of the term organised crime'."

The report, entitled Dissecting Operation High Roller, includes case studies from different countries where the banking scam has been detected.

In Germany, the hackers targeted 176 accounts whose collective balances exceeded 8 million.

Meanwhile, in the Netherlands, more than 5,000 business accounts were compromised, with the fraudsters attempting to make off with 35.6 million.

During an attack in Colombia, more than a dozen businesses were attacked and each of them had an account balance of between US$500,000 and US$2 million.

David Marcus, director of security research at McAfee, said the report's findings show that cloud-based services are becoming increasingly popular attack targets for fraudsters.

"Building on established Zeus and SpyEye tactics, this [banking fraud] ring adds many breakthroughs, [including] bypasses for physical chip and pin' authentication, automated mule account databases, server-based fraudulent transactions, and attempted transfers to mule business accounts as high as 100,000," said Marcus in a blog post.

Featured Resources

The definitive guide to warehouse efficiency

Get your free guide to creating efficiencies in the warehouse

Free download

The total economic impact™ of Datto

Cost savings and business benefits of using Datto Integrated Solutions

Download now

Three-step guide to modern customer experience

Support the critical role CX plays in your business

Free download

Ransomware report

The global state of the channel

Download now

Recommended

McAfee Total Protection review: Quick, effective and affordable
antivirus

McAfee Total Protection review: Quick, effective and affordable

23 Aug 2021
McAfee’s zero trust solution strengthens private applications’ security
cyber security

McAfee’s zero trust solution strengthens private applications’ security

3 Aug 2021
Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

17 Sep 2021
London ranks second to Silicon Valley as world's best startup hub
startups

London ranks second to Silicon Valley as world's best startup hub

22 Sep 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021