“With no human participation required, each attack moves quickly and scales neatly,” the report says. “This operation combines an insider level of understanding of banking transaction systems with both custom and off the shelf malicious code and appears to be worthy of the term ‘organized crime.’ ”
After striking in Italy and Germany, cybercriminals focused on the Netherlands, where computer logs showed criminals had attempted to withdraw $44 million from more than 5,000 accounts, primarily of businesses, in two banks. It’s not clear how much was actually stolen.
In March, researchers discovered that a San Jose-based server linked ultimately to a Russian Internet service provider was being used for fraudulent transactions in the Netherlands – and also to target at least 109 financial institutions in the US.
Computerized bank heists aren’t new, of course. Crime-ware programs like Zeus and SpyEye that infiltrate personal computers to steal personal banking credentials, including passwords and login information from unsuspecting users, have been a problem for years. Recording users’ keystrokes when they log remotely onto their accounts, the crimeware transmits the stolen personal banking data back to the cyberthieves.
Under that familiar scenario, a bad guy plops down at his own computer terminal to use the stolen passwords to fraudulently log onto the target account. He then transfers funds to the accounts of “money mules,” who pass the stolen funds along to the criminals, less their fee.