Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


SEPA Targeted Utilizing ATS Merged with OHR in New Attack

McAfee the security company referring to Operation High Roller (OHR) states that it has smeared the European network of SEPA (Single Euro Payments Area) with its malicious attack using ATS. A crime-ridden scheme, OHR aims at filching funds out of high-worth financial accounts existing worldwide, explains the company.

Though not unknown that cyber-criminals misused SEPA while launching attacks, in the present case particularly they've merged the technique into elements of OHR, thus waging an advanced type of automated assault, security researchers highlight.

Apparently, SEPA payment mediums akin to ACH (Automated Clearing House) mechanism of USA are online-scammers' much-preferred choice since there are many advantages from them while conducting across-the-border transactions.

The researchers cite one instance where crooks based in Russia tried transferring EUR 61,000 ($77,854) into various mule accounts out of certain German bank via the utilization of the particular technique. When the attack was launched a few of the accounts that were affected contained balances of more than EUR 50,000 ($63,845).

Now as per McAfee, the new assault worked in this way: the banking sector in Germany was made to encounter an ATS created with the idea of SEPA. Precisely, malevolent 'web-injects' aimed at 2 German banks, containing one malicious JavaScript whose payload was installed onto some 12 of the Internet-banking clients' PCs through SEPA. The particular assault was thus extremely personalized.

Moreover, during the assault, the criminals used one transaction server that was situated in Moscow while it served one exclusive control panel pertaining to the two banks. And though there was little sophistication in the said panel, the paraphernalia working in the background was complex.

Also, of the function the control panel performed, there was revelation of the latest transfers along with a web-link taking onto the platform facilitating log-in. It even introduced one drop account while storing the same inside a database.

But the log-in platform was locked. Nevertheless, there was one concealed file-directory into which the log data were saved. The malware also hid security alerts, facilitated transactions hunt that were changed based on the manner the banks treated their SEPA dealings, and sent SEPA transfers into the criminals' mule accounts.

Related article: SAP Admits the Charges of Downloading Oracle’s Data

» SPAMfighter News - 11/30/2012

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page