Chip-and-pin bypass used in £48m fraud scheme

Summary:Operation High Roller attacks banking systems worldwide and attempts to bypass physical chip-and-pin authentication by using automated mule account databases

A global financial fraud that uses an active and passive automated transfer system to siphon money from high balance accounts in financial institutions has been discovered by McAfee and Guardian Analytics.

According to a joint report released on Tuesday, the online fraud, dubbed 'Operation High Roller', attacks banking systems worldwide and has struck thousands of financial institutions including credit unions, large global banks and regional banks. The criminals have attempted to transfer between €60m (£47.9m) and €2bn to mule business accounts belonging to the "organised crime" syndicate from at least 60 banks so far, the study revealed.

Building on established Zeus and SpyEye tactics, the fraud scheme is able to bypass physical chip-and-pin authentication by using automated mule account databases to conduct server-based fraudulent transactions, with the highest attempted transaction reaching up to €100,000, it explained.

For more on this ZDNet UK-selected story, see Operation High Roller achieves 'organized crime' status on ZDNet Asia.

Topics: Security


Elly grew up on the adrenaline of crime fiction and it spurred her interest in cybercrime, privacy and the terror on the dark side of IT. At ZDNet Asia, she has made it her mission to warn readers of upcoming security threats, while also covering other tech issues.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.