Cyber Thieves Steal $447,000 From Wrecking Firm

Source: Security Fix

In his continuing coverage of phishing and money mules in the USA, Brian Krebs gives details of a wrecking firm that was hit for a massive $447,000, not all of which was successfully looted. The interesting fact in this case was that the bank used a form of two-factor authentication -- a USB key fob which generates a new six-digit code every minute. Unfortunately, this kind of authentication is vulnerable to a man-in-the-browser attack, which is how the crooks operate, using malware called "Zeus".