Guardian Analytics and McAfee Detect New ‘Dissecting Operation High Roller’ Attack

Just as Trojans SpyEye/ZeuS give trouble to security researchers trying for tackling the menace, another malware storm, still more menacing and named "Dissecting Operation High Roller" is lurking which McAfee the anti-virus company and Guardian Analytics the security vendor for Internet-banking have been monitoring, states dailytech.com dated June 26, 2012.

Being pretty organized, the new assault that cloud-controllers are driving is different from the ZeuS attacks that involve contaminated computers usually operating individually through malicious ways.

Utilizing cloud-servers, computers that are contaminated with High Roller get targeted with fake transactions related to banks amounting a maximum of USD130,000 (EUR100,000) and unleashed through the regulated servers. Also, while conducting such high-scale transactions, mule accounts are used that the servers regulate. Moreover, after the assaults are inspected with SpyEye/ZeuS, the hijacked computers are exploited for aiming at big accounts through personalized or "spear" phishing methods wherein fraudulent electronic mails are sent to people for deceptively extorting their bank account passwords and login details.

McAfee highlights that the fresh varied-tactic malicious Trojan manages at bypassing the "chip-and-pin" solution for security typically found in the reader-ID mechanism of smartcards.

According to Director of Advanced Research and Threat Intelligence David Marcus with McAfee, the perpetrators of the attack are well versed with banking software, the environments through which such transactions occur and the way they work. They're skilled at giving fake transactions a genuine appearance, clearly depicting their understanding right into the system, he adds. Crn.com published this dated June 26, 2012.

Notably, the attack hitherto prevailed inside Holland, Germany and Italy, however, it's also reported to have hit in Columbia and USA.

In one instance, the High Roller Trojan inserted one concealed iFrame for compromising the account of an individual in Italy that helped execute an unauthorized money-transfer.

The Trojan checked the victim's balances in his different accounts following which it moved out a marginal $600 or a pre-determined percent so there was no suspicion.

According to the researchers, there were no human mediations, data-entry mistakes or delays involved. Wired.com published this dated June 26, 2012.

Conclusively, Guardian Analytics and McAfee suggest use of problem-detection program while hardening end-point regulations.

Related article: Gartner - Banks Should Improve Security to Avoid New Trojan Attack

» SPAMfighter News - 7/4/2012