Security researchers uncovered 'Project Blitzkrieg', a plan for a major cyberheist of US banks, after its purported Russian mastermind posted recruitment messages online. It's not clear whether the publicity halted the plot.
In one of the most ambitious cyber-bank-heist plots ever uncovered, Russian cybercriminals plan to use a mass of fake wire transfers to steal millions from 30 big US financial institutions, possibly before spring 2013, security researchers say.
A key reason that "Project Blitzkrieg" has been exposed is that its purported mastermind, a cybercriminal who goes by the hacker alias “vorVzakone,” which translates to “thief in law,” posted notices in an underground criminal online forum advertising for accomplices, researchers say.
The messages vorVzakone posted, including key pictures of his computer setup, screenshots of his malware, and a general description of the plan to organize an army of 100 "botmasters" to attack the banks, were tantalizing, but also suspect – at least initially.
Was this bluster just evidence of the Russian police setting up sting operation to entrap would-be cyberthieves? No. New findings indicate the plot was all too real, and appears to have progressed since its first discovery in October, according to a new report released Thursday by McAfee, the Santa Clara, Calif., cybersecurity firm.
"McAfee Labs believes that Project Blitzkrieg is a credible threat to the financial industry and appears to be moving forward as planned," the report concludes.
"Not only did we find evidence validating the existence of an early pilot campaign operated by vorVzakone and his group using the Trojan Prinimalka that infected at a minimum 300 to 500 victims across the United States, but we were also able to track additional campaigns as a result of the forum posting."
But the report also notes that discovery and exposure of vorVzakone's message may have slowed the plot, McAfee admits later in the report. Other researchers say the plot might have been delayed, torpedoed entirely – or be progressing as McAfee avers.