01-24-2007, 03:26 PM | #1 |
Red Dragon
Join Date: April 1, 2003
Location: The Midlands
Posts: 1,571
|
Swedish bank hit by 'biggest ever' online heist
Swedish bank Nordea has told ZDNet UK that it has been stung for between seven and eight million Swedish krona--up to $1.1 million--in what security company McAfee is describing as the "biggest ever" online bank heist. Over the last 15 months, Nordea customers have been targeted by e-mails containing a tailor-made Trojan, said the bank. Nordea believes that 250 customers have been affected by the fraud, after falling victim to phishing e-mails containing the Trojan. According to McAfee, Swedish police believe Russian-organized criminals are behind the attacks. Currently, 121 people are suspected of being involved. The attack started by a tailor-made Trojan sent in the name of the bank to some of its clients, according to McAfee. The sender encouraged clients to download a "spam fighting" application. Users who downloaded the attached file, called raking.zip or raking.exe, were infected by the Trojan, which some security companies call haxdoor.ki. Haxdoor typically installs keyloggers to record keystrokes, and hides itself using a rootkit. The payload of the .ki variant of the Trojan was activated when users attempted to log in to the Nordea online banking site. According to the bank, users were redirected to a false home page, where they entered important log-in information, including log-in numbers. After the users entered the information an error message appeared, informing them that the site was experiencing technical difficulties. Criminals then used the harvested customer details on the real Nordea Web site to take money from customer accounts. According to McAfee, Swedish police have established that the log-in information was sent to servers in the US, and then to Russia. Police believe the heist to be the work of organized criminals. Nordea spokesman for Sweden, Boo Ehlin, said that most of the home users affected had not been running antivirus applications on their computers. The bank has borne the brunt of the attacks and has refunded all the affected customers. Ehlin blamed successful social engineering for the heist, rather than any deficiencies in Nordea's security procedures. "It is more of an information, rather than a security problem," said Ehlin. "Codes are a very important thing. Our customers have been cheated into giving out the keys to our security, which they gave in good faith." In an effort to combat fraud, most banks have a policy of monitoring the behavior of people claiming to be their customers, so that unusual transaction behavior can be investigated and halted if fraudulent. Nordea was aware that some of the attempted transactions were false because of the large sums involved. However, during a period of 15 months a large series of small transactions enabled the criminals to successfully transfer a huge sum overall. "In some cases we saw the transactions were false, and in some cases we didn't," said Ehlin. "We can't look at every transfer, and it looked like our customers had made the transfer. Most of the cases were small amounts that we thought were ordinary. We lost approximately seven to eight million krona." Nordea has two million Internet banking customers in Sweden. The police investigation is underway, and the bank is currently reviewing its security procedures. The Metropolitan Police warned in October last year that thousands of UK users had been affected by a variant of the Haxdoor Trojan. ZDNet UK staff reported from London
__________________
Smoke me a kipper...I'll be back for breakfast!! If you can keep your head when all around are loosing theirs...you probably haven’t grasped the situation!! |
01-24-2007, 03:40 PM | #2 |
Legion Symbol
Join Date: February 14, 2002
Location: Ireland
Age: 39
Posts: 7,367
|
So they downloaded a .exe attachment?
It's good such people exist. Thanks to them I don't have to work hard for my online banking security to be above average.
__________________
ZFR |
01-24-2007, 04:11 PM | #3 |
40th Level Warrior
|
I do all my banking online nowadays, the only business i have with real life banking is when i have to use an ATM, i'm still waiting for the day they invent PC's that have such an option.
We've had warnings about similar stuff happening here as well, you're only in danger when you click on the exe, and that's something i never ever do, not even from friends, unless i'm expecting something from them.
__________________
|
01-24-2007, 07:24 PM | #4 |
Avatar
|
That was not even as sneaky as some emails I've gotten claiming to be from a bank that ask me to log in to confirm my security information or what not. In those, all you have to do is click a link that appears to be for your bank to be taken to a lookalike site and have your passwords stolen.
I amuse myself by hovering my mouse over the links in those emails to see where they are really directing you to.
__________________
"Many are my names in many countries. Mithrandir among the Elves, Tharkun to the Dwarves; Olorin I was in my youth in the West that is forgotten, in the South Incanus, in the North Gandalf; to the East I go not" --The Two Towers |
01-24-2007, 08:00 PM | #5 |
40th Level Warrior
|
Probably www.hoodlum.rus
__________________
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
A ban on Bank of America | Larry_OHF | General Discussion | 30 | 10-26-2006 02:54 PM |
Bank | Lord | Wizards & Warriors Forum | 5 | 12-15-2003 03:36 AM |
Bank Mod | canadianvixen | Miscellaneous Games (RPG or not) | 5 | 04-26-2003 12:43 AM |
How do you Make Bank??? | Felix The Assassin | Miscellaneous Games (RPG or not) | 6 | 01-22-2003 04:27 PM |
Bank job. Take it or leave it? | MaraJade | Miscellaneous Games (RPG or not) | 6 | 01-06-2002 04:51 PM |