Misuse of $47M from European Bank Customers by Cybercriminals
Cybercriminals stole around €36 Million, or $47 Million, from about 30,000 European bank accounts initially in this summer (2012) prior to the operation being taken apart by the European law enforcement, published SecurityWatch on December 5, 2012.
Dubbed Euro grabber, the gang after the operation seems to have been depended on Eastern Europe though command-and-control servers were there in several countries all throughout the world, claimed Darrell Burkey, Director of IPS at Check Point Software Technologies, as reported in SecurityWatch on December 5, 2012.
The malware attack starts with the initiation of the Eurograbber installment, immediately when a victim clicks on a fake link, which is a phishing attempt. However, victims starts using the malware ignorantly when they visit the infected bank site to enter their mobile number, customized variants of harmful viruses like Zeus, SpyEye, and CarBerp Trojans are already loaded in the site and ready for an attack.
Eurograbber is activated to offer a banking security upgrade that infect a victim's phone with the variant of the Zeus in the mobile (ZITMO) Trojan, specifically designed to intercept the text message of the bank, which is a key element of the bank's two factor authorization or transaction authorization number (TAN). Once the victim's phone is infected with ZITMO Trojan, Eurograbber quietly employs the TAN to transfer funds out of the victim's account.
According to security experts analyzing the malware attack, victims lose money without even a slightest intimation. The process is functional at every instant that the bank customer logs onto his or her bank account.
The attackers have configured the malware to target customers of 16 specific banks in Italy, along with seven in Spain, six in Germany and three in the Netherlands, claimed the security experts.
Till now, the exploit has been relevant in all euro zone countries, but a difference of this attack could influence banks potentially in countries other then the European Union as well, according to the security experts.
Finally, modernize software that is a common target for Web "drive by download" exploits e.g. Adobe Flash, Java, and Web browsers -- can help stop infection by the malware, as can a vigorous amount of paranoia about clicking links in e-mails, concluded experts.
Related article: McAfee Slams Microsoft over Vista Security
» SPAMfighter News - 12-12-2012