“Soldier,” the Hacker, Grabs Over $3m from American Corporations
According to investigators at the anti-virus company Trend Micro, a hacker who calls himself "Soldier" and operates from Russia stole $3.2m from the coffers of prominent U.S. corporations during March-August 2011. That works out to roughly $533,000 per month, or about $17,000 per day.
Trend Micro reportedly stated that the cyber-criminal used crimeware kits such as ZeuS and SpyEye, together with exploit kits and black-hat search engine optimization (SEO) poisoning to drive victims to the infected pages.
Moreover, according to the security company, the botnet the attacker ran hijacked about 25,394 computers. While the large majority of the victimized computers were located inside the USA, the remainder were scattered across 90 other countries, the company added. Gmanews.tv published this on September 15, 2011.
Trend Micro elaborated that "Soldier," with the help of the SpyEye crimeware kit, money mules and a co-conspirator understood to be from Hollywood, ran his attacks at scale during January-July 2011. The malware that drained cash from the hijacked accounts of large corporations also harvested the security credentials of the affected end-users, it added.
Further, as per Trend Micro, Soldier bought U.S. web traffic controlled by other online crooks, which is how he achieved so many successful infections inside the USA.
After analyzing the Internet Protocol addresses logged by a command-and-control server of one of Soldier's SpyEye botnets, the investigators concluded that the hacker had compromised PCs belonging to a range of enterprises and organizations, including the U.S. Government, research and educational institutions, the military, banks, airports and firms in various other economic sectors.
According to them, none of these organizations was the primary target of the campaign. The purpose was easy money: stealing Internet banking credentials and then manipulating the compromised accounts, or selling captured login credentials for PayPal accounts, e-mail, social-networking accounts and the like.
The investigators further said that such a large number of compromises is not unusual for criminals employing SpyEye; nevertheless, the sums stolen and the number of organizations affected gave reason for concern. Net-security.org published this on September 15, 2011.
Related article: “Loopholes did not cause online banking thefts”: ICBC
» SPAMfighter News - 26-09-2011