Security firms McAfee and Guardian Analytics have published a joint fraud report, dubbed Operation High Roller, on new methods of siphoning money from banking systems. Using a series of highly sophisticated cyber attacks to target high-balance accounts, criminals have been able to bypass physical "chip and pin" authentication and use server-based fraudulent transactions to steal money from a number of accounts in Europe. The attacks originated in Italy, using SpyEye and Zeus malware to transfer funds into fraudulent accounts.
Although the fraud requires an initial client-based attack, McAfee discovered 426 unknown variants of the typical Zeus or SpyEye malware that were difficult to detect. The most distinctive part of the attack is the malware's ability to use JavaScript web injects to alter internet login experiences for users and glean login information and two-factor authentication tokens. Once the malware has successfully retrieved this information from an end user, it initiates a bank transfer while holding up the user's session. "Financial institutions must take this innovation seriously," says McAfee, warning that the latest technique can be used for other forms of physical security devices.