Wednesday, 30 September 2009

New Malware Re-Writes Online Bank Statements to Cover Fraud

Source: Threat Level

The URLZone trojan not only performs money transfers out of a victim's bank account, but also re-writes HTML from the bank website on the fly so that the victim can't see the transfer in the account statement. This gives the criminals a larger window in which to cash out.

Friday, 11 September 2009

Cyber Thieves Steal $447,000 From Wrecking Firm

Source: Security Fix

In his continuing coverage of phishing and money mules in the USA, Brian Krebs gives details of a wrecking firm that was hit for a massive $447,000, not all of which was successfully looted. The interesting fact in this case was that the bank used a form of two-factor authentication -- a USB key fob which generates a new six-digit code every minute. Unfortunately, this kind of authentication is vulnerable to a man-in-the-browser attack, which is how the crooks operate, using malware called "Zeus".

Saturday, 5 September 2009

More Business Banking Victims Speak Out

Source: Security Fix

In a follow-up to earlier reporting about account-siphoning and money mules in the US, Brian Krebs gives us another report which includes names of Western Union transfer recipients in the Ukraine, and quotes from one of the mules in question. Note that this mule was soft-recruited by first being given text-correction work, then offered promotion to mule status when it was time to be paid for that work. "Be paid for correcting text" is the new money mule lure.