“Operation High Roller” Makes Banks Cringe
According to a McAfee and Guardian Analytics report dubbed “operation High Roller,” an international ring of cybercriminals has been attacking banks around the world. They have been siphoning roughly $78 million from bank accounts in Columbia, Germany, Italy, the Netherlands, the United Kingdom and the U.S.
In the report, McAfee Director of Advanced Research and Threat Intelligence Dave Marcus writes that this organized crime ring built on tactics established with previous malware is coming up with innovations including: “bypasses for physical ‘chip and pin’ authentication, automated ‘mule’ account databases, server-based fraudulent transactions, and attempted transfers to mule business accounts as high as €100,000 (US$130,000).”
These hackers’ methodology represents a shift from traditional man-in-the-browser attacks on victims’ PCs to server-side automated attacks. Where they once used multipurpose botnets, they now rely on dedicated servers built for the express purpose of processing fraudulent transactions.
Like most financial fraud rings, this one had previously focused on European targets, but McAfee found that their thefts have gone global, spreading to Latin America and more recently to the U.S.
This threat impacts commercial accounts, high-net-worth individuals, and financial institutions of all sizes. The new methodology allows criminals to operate more quickly and to attempt a wider variety of transactions. It is a purpose-built, multiple-strategy approach that helps the criminals’ servers avoid detection, which keeps them live for longer, facilitating even more fraud.
Consumers can begin to protect themselves with antivirus, anti-spyware, anti-phishing, and firewall protection.
Banks and other financial institutions can improve their fraud detection rates even more by incorporating device reputation management into their layered defense. Many leading financial institutions use iovation’s ReputationManager 360 to helps stop new account fraud, detect fraud at user login, detect fraudulent credit applications and also to stop check deposit fraud from mobile phones.