SEPA Targeted in New Attack That Merges ATS with OHR
Security company McAfee states that Operation High Roller (OHR) has targeted the European SEPA (Single Euro Payments Area) network with a malicious attack using ATS. OHR is a criminal scheme that aims to steal funds from high-worth financial accounts worldwide, the company explains.
Although cyber-criminals are known to have misused SEPA when launching attacks, in the present case they have merged the technique with elements of OHR to wage an advanced type of automated assault, security researchers highlight.
Apparently, SEPA payment channels, which are akin to the ACH (Automated Clearing House) mechanism in the USA, are a much-preferred choice of online scammers because they offer many advantages for cross-border transactions.
The researchers cite one instance in which crooks based in Russia used this technique to try to transfer EUR 61,000 ($77,854) from a certain German bank into various mule accounts. When the attack was launched, a few of the affected accounts held balances of more than EUR 50,000 ($63,845).
Moreover, during the assault the criminals used a transaction server located in Moscow, which served a dedicated control panel for the two banks. Although the panel itself showed little sophistication, the machinery working in the background was complex.
Among its functions, the control panel displayed the latest transfers along with a web link leading to the log-in platform. It also introduced a drop account and stored it in a database.
The log-in platform was locked, but there was a concealed file directory in which the log data were saved. The malware also hid security alerts, ran transaction searches that were adjusted according to how the banks handled their SEPA dealings, and sent SEPA transfers into the criminals' mule accounts.
SPAMfighter News - 30-11-2012