February 16, 2013
Europol, the European police agency, arrested members of a Russian cybercrime syndicate in Dubai, in the United Arab Emirates, in December of last year. In Spain, nearly a dozen more Russians tied to this efficient organization were apprehended in Costa del Sol while vacationing.
There are more members still being pursued.
Authorities assert that this cyber-criminal organization used malware it had developed to run a ransomware scheme, a form of online extortion. This malware would lock a user out of their computer and demand 100 euros to “unlock” it.
Rob Wainwright, the director of Europol, stated to the press: “This is the first major success of its kind against a very new phenomenon that we have only identified in the last two years. This is a mass marketing scam to distribute these thousands of times and rely on the fact that even if only 2 percent fall victim to the scam, it is still a very good pickup rate.”
Wainwright maintains that there are 48 versions of the virus created by these Russian cyber-criminals. He said: “It used the idiom and logo of each specific police service. Even Europol and my own name have been used to defraud citizens.”
The police in Spain affirmed that “the organization had a very well-structured and complex infrastructure developed from Russia.” The malware enabled the authorities to monitor the virus’ progress as it travelled through Spain, Europe and the US. Experts in America state that an estimated $5 million has been syphoned out of bank accounts by cyber-criminals.
At the end of 2012, McAfee Labs warned of a cyber-attack planned for the spring of 2013 that will steal millions of dollars from customer accounts. Thirty US banks have been named, as a nameless, faceless band of “criminals” has released a Trojan virus that will remove digital currency from accounts at banks such as JP Morgan Chase & Co., Wells Fargo, Citibank and Bank of America.
The scheme is referred to as “Project Blitzkrieg” (PB). In a beta-testing of the assault, it is reported that 300 bank accounts were affected in the US. The recruitment for PB is being linked to Russian cyber-criminals and an alleged cyber-mafia headed by an anonymous NSD. Those who enter into PB are tasked with infecting specified US computers with predetermined malware, cloning, syphoning passwords and login information, and transferring digital information from customer accounts.
Pat Calhoun, a senior vice president at McAfee, said: “Our researchers have been pouring into this and what they have found, they actually found somewhere between 300 to 500 devices in the U.S. that have actually been infected with the particular malware that this individual is talking about. That, combined with some additional research we’re doing, has led us to believe this is true. This is actually a real operation that this individual is planning to launch sometime before spring 2013.”
When a customer logs into the bank website, security questions are enabled to keep the customer information protected; however, the Trojan will utilize a cloned version of the bank website and retain information entered by the user to be used against them later. A version of the Gozi Trojan called “Gozi Prinimalka” is believed to have already been used to extract $5 million from banking institutions.
These anonymous cyber-criminals will slowly drain accounts in small incremental amounts without tripping withdrawal limits.
Calhoun explains that defensive measures must be taken. “Since we know about it, we will be able to protect against it,” Calhoun said. “We’re working very closely with law enforcement and a lot of the potential targets to make sure they understand this and know how to behave or how to protect themselves against it.”
The Russian “thief-in-law”, a term that refers to an elite band of criminals that are somehow able to operate above law enforcement, is being identified as the culprit of this plot. An anonymous person named vorVzakone was the first to announce PB, which was described as a “collaborative effort designed to exploit the U.S. banking industry’s lack of anti-fraud mechanisms relative to European financial institutions, which generally require two-factor authentication for all wire transfers.”
Phone lines are expected to be tied up while the digital currency is removed from the customer accounts, which would prevent the bank from alerting the customer of changes to their account balance.
At the same time Russians are being “identified” as part of a cyber crime syndicate, mainstream media are reviving the notion that Iran is again attacking the US banking system.
Without definitive proof, House Representative Mike Rogers, chair of the House Intelligence Committee, claims that he is 99.9% sure that Iran was behind the attacks on US domestic financial institutions.
Rogers said: “You have this new level of attack coming from what has publicly been reported as Iran. That’s now at the shores of the United States. They’re not a rational actor when it comes to bring down banks or financial services networks.”
These attacks disrupted customer access to accounts while leaving digital personal data uncompromised.
Rogers decries “a national security issue that America is not ready to handle.”
The threat to the US government and banks from cyber-attacks has been purveyed in the mainstream media. CIA-controlled hacker groups like Anonymous have added fuel to the fire by attacking US federal agencies and syphoning out information that was later published on the internet. Whether that was government-sponsored or the acts of sophisticated and independent hackers, the outcome is the same – more Big Brother controls placed on the Web by the Obama administration.
Earlier this week, Obama signed an executive order (EO) to strengthen “national and economic security” by enhancing “the security and resilience of the Nation’s critical infrastructure and to maintain a cyber-environment that encourages efficiency, innovation, and economic prosperity.”
Under the guise of protecting digital infrastructure, the EO established a definitive partnership between the federal government and private sector corporations to share information to prevent cyber-attacks in the future.