Best of the Week
Most Popular
1.SNP Offers Labour Deadly Death Embrace Alliance, Holding England to Ransom, Destroy UK From Within - Nadeem_Walayat
2.Gold And Silver – Most Widely Used Currency In Western World? Stupidity - Michael_Noonan
3.Election Forecast 2015 - Coalition Economic Recovery vs Labour Collapse - Nadeem_Walayat
4.Election Forecast 2015 - Debates Boost Labour Into Opinion Polls Seats Lead - Nadeem_Walayat
5.Why are Interest Rates So Low? Ben Bernanke, Confused as Ever, Starts His Own Blog to Prove It - Mike_Shedlock
6.Leaders Debate Election 2015 - Natalie Bennett Green Party Convincing Anti-Austerity More Debt Argument - Nadeem_Walayat
7.Labour Economic Collapse vs Coalition Recovery - UK Election Forecast 2015 - Video - Nadeem_Walayat
8.China’s Stock Market Mania; How High can Red-chips Fly? - Gary_Dorsch
9.Gold and Misery, Strange Bedfellows - 31st Mar 15 - Dan_Norcini
10.Ed Miliband Debate Election 2015 Analysis - Labour Spending, Debt and Economic Collapse - Nadeem_Walayat
Last 5 days
Stock Market Valuations - Maybe I am Crazy - 28th Apr 15
Gold Price Rises, Silver Surges – Physical Demand and Greece, Ukraine, Russia Risks - 28th Apr 15
The Insurance "Game" Has Changed – and Investors Can Profit - 28th Apr 15
Prelude to a Japanese Revival - 28th Apr 15
Why You Could Make ANOTHER 100% in China Stock Market Starting Now - 28th Apr 15
CIA Prefab State Terror for Human Bondage - 28th Apr 15
Greece: Down and Probably Out - 27th Apr 15
Biotech Stocks and the Power of Context - 27th Apr 15
Strawberry Picking Undervalued Gold Stocks - 27th Apr 15
Rock-Paper-Silver - 27th Apr 15
Gold Flows East - China, India Import Massive Quantities of Gold from Switzerland - 27th Apr 15
Conservatives Start to Pull Away from Labour in Opinion Polls, But is it too Late? Election Forecast 2015 - 27th Apr 15
Gold and Silver - It's ALL about The Big Picture After All - 27th Apr 15
Sheffield School Places Election Crisis - Affluent Schools Demand Increase in Funding - 27th Apr 15
Labour Bribes Voters With Housing Market Stamp Duty Cut and Rent Controls - 27th Apr 15
Stock Market SPX Index at Resistance - 27th Apr 15
Society's Leaders Have Been Digging a Bottomless Economic Pit - 27th Apr 15
Impending Stock Market Top - Trend Forecast Summer 2015 - 26th Apr 15
Desperate Stock Market Bubble Thinking Takes Hold on Wall Street - 26th Apr 15
Stock Market Back into The Bear Suits - 26th Apr 15
One Stock Market Where You Haven't Missed the Bull Market Boom Yet - 26th Apr 15
Migrant Crisis - Europe Has Completely Lost It - 26th Apr 15
What Obama's First-Ever Energy Review Missed - 26th Apr 15
Sheffield Hallam Election Battle 2015, School Places Crisis, Can Nick Clegg Win? - 26th Apr 15
Stocks Bull Market Looks to Resume - 25th Apr 15
Gold And Silver - The U.S. Is A Corporation. Precious Metals Stand In The Way - 25th Apr 15
When the Nuclear Money Option Fails - 25th Apr 15
The War on Cash Special Report - 25th Apr 15
China Economic Slowdown Story - Why “Didi Dache” Is a Phrase You Need to Know - 25th Apr 15
The Trans-Pacific Partnership and the Death of the Republic - 25th Apr 15
Stock Splitting Caused the Stock Market Crash - 25th Apr 15
China Stock Market Parabolic Mania’s Global Risk - 24th Apr 15
What Will Happen to You When the U.S. Dollar Collapses? - 24th Apr 15
Why 2 of U.S. Dollar's Recent Bottoms Have 1 Thing In Common - 24th Apr 15
UK Economy Debt Timebomb Will Explode After Election - 24th Apr 15
Are Gold Stocks the Cheapest Ever? - 24th Apr 15
God, the Stock Market and Pascal's Wager - 24th Apr 15
Greedy Insurers Are in for a Nasty Surprise – Positioning You for Big Profits - 24th Apr 15
Four Things Missing From Obama’s First-Ever Energy Review - 24th Apr 15
How to Grow a Regenerative Medicine Industry - 23rd Apr 15
Stocks and Bonds Seven Year of Negative Returns; Fraudulent Promises - 23rd Apr 15
The Existential Danger To The Euro Is Elections - 23rd Apr 15
Stock Market No Clear Direction As Investors React To Quarterly Earnings Releases - 23rd Apr 15
Is China The Next United States? - 23rd Apr 15
U.S. Oil Glut: How High Can It Go? - 23rd Apr 15
Distorted Financial System Expect Deflation, Inflation And Hyperinflation - 23rd Apr 15
What McDonald’s Corporate Earnings Report Is Really Telling You - 23rd Apr 15
Gold Price Forecast to Become Priceless - 23rd Apr 15
FDIC Plots a Bank Heist Involving YOUR Accounts - 23rd Apr 15
$GOLD Price Year 2007 Again - 23rd Apr 15
Stocks Bubble - The Spread between Stock Prices and GDP is Blowing Out - 23rd Apr 15
Ukraine War - When Did We All Become Murderers? - 23rd Apr 15
Libya Crisis - EU Leaders Are Indicted for Nazi-Style Crimes against Humanity - 22nd Apr 15
Why Alternative Energy Isn’t Taking It on the Chin Despite Low Oil Prices - 22nd Apr 15
Bill Gross - German 10-Year Bunds Short of a Life Time - 22nd Apr 15
How to Profit from the Drop in the Oil Price - 22nd Apr 15
The U.S. Dollar's Move Is More Dangerous than You Think - 22nd Apr 15
Apple Watch Means Apple Will Become Worlds First $1 Trillion Stock - 22nd Apr 15
Half a Stocks Bubble Off Dead Center - 22nd Apr 15
They Said Go to College - Learning to become Debt Slaves - 22nd Apr 15
Best Cash ISA 2015/16, Instant and Fixed Savings Interest Rates, New Flexible Withdrawal / Deposit Rule - 22nd Apr 15
Unsound Banking: Why Most of the World's Banks Are Headed for Collapse - 21st Apr 15
Bitcoin Recent Low Price Volatility Might Be Deceptive - 21st Apr 15
Currency Wars Back As Russia Buys Gold - One Million Ounces in March Alone - 21st Apr 15
The Greece 'Grexit' Issue and the Problem of Free Trade - 21st Apr 15
Why Europe Lets People Drown - 21st Apr 15
Wealth Destruction for the 99.9 Percent - 21st Apr 15
SNP Publish England's Suicide Note as Pollsters Still Forecast Labour-SNP Election Disaster - 21st Apr 15
Characteristics of Extremely Over-Indebted Economies - 21st Apr 15
Trader Education Week -- a Free Event to Help You Learn to Spot Trading Opportunities - 21st Apr 15

Free Instant Analysis

Free Instant Technical Analysis


Market Oracle FREE Newsletter

The War on Cash!

Sophisticated Smartphone Hacking: 36 Million Euros Banking Theft

ConsumerWatch / Scams Dec 06, 2012 - 10:33 AM GMT

By: DK_Matai

ConsumerWatch

A sophisticated digital attack involving smart mobile phones has been used to steal 36 million euros or 47 million dollars from corporate and private banking customers across Europe.  The attack appears to have emanated from cybercrime servers in the Ukraine.  Android and Blackberry mobile devices have been specifically targeted, showing that attacks against Android devices are now a growing trend.  A new customised version of the Trojan spyware application "Zeus" called "ZITMO" or "Zeus-In-The-MObile" has been deployed, which security companies have called Eurograbber.  This enables a two-stage Trojan virus attack to progress that spreads from a victim’s Personal Computer or PC to their mobile telephone.  Eurograbber marks the first such case of PC-to-mobile Trojan malware targeted specifically at online banking.  More than 30,000 online banking customers in Germany, Italy, Spain and the Netherlands have been affected by this attack.


Breaking into Smartphones

 

Second Major Online Banking Breach in 2012

The Eurograbber attack -- the second significant online banking breach -- follows a similar event earlier this year, known as Operation High Roller.  High Roller utilised the same "ZITMO" technology to engineer 60 million dollars in fraudulent money transfers at 60 financial institutions.  Like High Roller, Eurograbber also started in Italy before spreading to other countries in mainland Europe.

30+ European Banks Targeted

The criminal syndicate behind Eurograbber appears to have configured the Trojan malware to target customers of 16 specific banks in Italy, as well as seven in Spain, six in Germany and three in the Netherlands.  Individual transfer amounts made by Eurograbber malware ranged from 500 euros (656 dollars) to 250,000 euros (328,000 dollars) per victim.  Targeted European banks and law enforcement agencies in the affected countries have been notified.

Case Study of Eurograbber

The sophisticated digital attack is described in a new report called "A Case Study of Eurograbber: How €36 million was stolen via malware” by Check Point and Versafe.  The report offers a step-by-step picture of how individual computers are infected and how the infected machines are then used to pull off the heist. 

Summary of Report

Eurograbber was launched against banking customers, using a sophisticated combination of malware directed at computers and mobile devices. The malware, in conjunction with the attackers’ command and control server, first infected the victims’ computers, and then, infected their mobile devices in order to intercept SMS [text] messages to bypass the banks’ two-factor authentication process.  With the stolen information and the Transaction Authentication Number (TAN), the attackers then performed automatic transfers of funds, ranging between 500 euros and 250,000 euros, from the victims’ accounts to mule accounts across Europe. To date, this exploit has only been detected in euro zone countries, but a variation of this attack could potentially affect banks in countries outside of the European Union as well.

Defeating Two Stage Authentication

The Eurograbber "ZITMO" elaborate attack is designed to defeat the two-factor authentication systems deployed by many banks. To do that, a companion, Smartphone version of the malware intercepts the one-time Transaction Authentication Number (TAN) that banks send to a customer's mobile device, via SMS or text, which the customer must then enter into a banking website prompt to authorise a money transfer.  Verification codes appear to have been recorded and used to create further banking sessions in real time. 

Two Stage Authentication Questioned

Two-stage authentication, whereby a customer enters a second code generated by the bank in addition to a regular password or pin number, is common in online banking and online eCommerce. It is also used by companies such as PayPal and Google to make cloud computing shopping and services more secure.  More than 30 per cent of the EU and US banks appear to deploy similar security systems for online banking and eCommerce.

How Can Users Protect Themselves From Becoming Victims? Report Suggestions

1. Regular Updates

Attackers consistently look to exploit known security flaws so a critical preventative measure is to regularly update all computers that are used to conduct online banking transactions. Doing so ensures the most current vendor patches and security signatures are applied thus providing the most current security available. Below are the primary elements that should be regularly updated.

a.    Operating System

b.    Antivirus software

c.    Java

d.    Adobe Flash

e.    Adobe Reader

f.     Internet Browser

g.    Any other tools or programs used for downloading files or web surfing

One of the most common infection methods is “drive-by-downloads” where malicious code is silently downloaded onto a web surfer’s computer while they are surfing the internet. It is very likely that some of the Eurograbber victims were initially infected by drive-by-downloads. Maintaining current software and security products on your computer will provide the most protection against current infection techniques like drive-by-downloads. Additionally, conducting regular antivirus scans can inform users of existing computer infections so they can take remediation actions to remove the malware.

2. Never Respond To Unsolicited Emails

Social engineering is an essential part of the attack. The email directing the customer to "click on the link to improve online banking security" is the key that opens Pandora's Box and begins the attack. Known as "phishing" emails, if the banking customer recognizes the email as unsolicited and does not click on the link, their desktop will not be infected and the Eurograbber attack will not occur. It is very important to never respond to unsolicited emails from your financial institutions. If the message is concerning to you, then contact the institution directly. Use a different source rather than using a phone number provided in the email. Inform them of the email and follow their guidance.

As a user, following best practices -- maintaining OS, application and security currency on your computer and exercising caution with unsolicited emails and during internet surfing -- can provide some of the very best protection against becoming infected.

Conclusion of Report

Eurograbber is an excellent example of a successful targeted, sophisticated and stealthy attack. The threat from custom designed, targeted attacks like Eurograbber is real and is not going away. The threat community is alive and motivated to create ever more sophisticated attacks because the spoils are rich and many. Enterprises as well as individuals need to exercise due care and ensure they conduct important online business, especially financial transactions in the most secure environments possible.  Further, individual users must be steadfast in ensuring all of their desktops, laptops and tablets have all possible security layers enabled and that they are kept current with software and security updates to ensure the best protection possible.  Online banking customers should make efforts to ensure their computer is current and to also conduct their online banking transactions from the most secure environment possible.  A computer that is current in OS and application updates and security protections combined with an office network that is protected with multiple layers of security will provide the most protection against attacks like Eurograbber.

What are your thoughts, observations and views? We are hosting an Expert roundtable on this issue at ATCA 24/7 on Yammer.

By DK Matai

www.mi2g.net

Asymmetric Threats Contingency Alliance (ATCA) & The Philanthropia

We welcome your participation in this Socratic dialogue. Please access by clicking here.

ATCA: The Asymmetric Threats Contingency Alliance is a philanthropic expert initiative founded in 2001 to resolve complex global challenges through collective Socratic dialogue and joint executive action to build a wisdom based global economy. Adhering to the doctrine of non-violence, ATCA addresses asymmetric threats and social opportunities arising from climate chaos and the environment; radical poverty and microfinance; geo-politics and energy; organised crime & extremism; advanced technologies -- bio, info, nano, robo & AI; demographic skews and resource shortages; pandemics; financial systems and systemic risk; as well as transhumanism and ethics. Present membership of ATCA is by invitation only and has over 5,000 distinguished members from over 120 countries: including 1,000 Parliamentarians; 1,500 Chairmen and CEOs of corporations; 1,000 Heads of NGOs; 750 Directors at Academic Centres of Excellence; 500 Inventors and Original thinkers; as well as 250 Editors-in-Chief of major media.

The Philanthropia, founded in 2005, brings together over 1,000 leading individual and private philanthropists, family offices, foundations, private banks, non-governmental organisations and specialist advisors to address complex global challenges such as countering climate chaos, reducing radical poverty and developing global leadership for the younger generation through the appliance of science and technology, leveraging acumen and finance, as well as encouraging collaboration with a strong commitment to ethics. Philanthropia emphasises multi-faith spiritual values: introspection, healthy living and ecology. Philanthropia Targets: Countering climate chaos and carbon neutrality; Eliminating radical poverty -- through micro-credit schemes, empowerment of women and more responsible capitalism; Leadership for the Younger Generation; and Corporate and social responsibility.

© 2012 Copyright DK Matai - All Rights Reserved Disclaimer: The above is a matter of opinion provided for general information purposes only and is not intended as investment advice. Information and analysis above are derived from sources and utilising methods believed to be reliable, but we cannot accept responsibility for any losses you may incur as a result of this analysis. Individuals should consult with their personal financial advisors.

DK Matai Archive

© 2005-2015 http://www.MarketOracle.co.uk - The Market Oracle is a FREE Daily Financial Markets Analysis & Forecasting online publication.


Post Comment

Only logged in users are allowed to post comments. Register/ Log in

Free Report - Financial Markets 2014