"Not only did we find evidence validating the existence of an early pilot campaign operated by vorVzakone and his group using the Trojan Prinimalka that infected at a minimum 300 to 500 victims across the United States, but we were also able to track additional campaigns as a result of the forum posting."
But discovery and exposure of vorVzakone's message may have slowed the plot, McAfee admits later in the report. Other researchers say the plot might have been delayed, torpedoed entirely – or be progressing as McAfee avers.
What vorVzakone originally proposed in his Sept. 9, 2012, message to the cybercriminal underground was a novel mass attack that would organize previously unorganized cells of the cybercriminal community. The idea was to collaborate in exploiting the US banks' vulnerabilities in authenticating wire transfers.
“The goal – together, en-masse and simultaneously process large amount of the given material before antifraud measures are increased,” vorVzakone wrote in his message, according to a translation by cybersecurity blogger Brian Krebs.
The McAfee findings largely confirm and expand on earlier findings by RSA, the Bedford, Mass.-based cybersecurity division of EMC Corp., which published its findings on Project Blitzkrieg on the company's security blog in October.