A global financial fraud operation that uses an active and passive automated transfer system to siphon money from high-balance accounts in financial institutions has been discovered by McAfee and Guardian Analytics.
According to a joint report released on Tuesday (PDF), the online fraud, dubbed "Operation High Roller", attacks banking systems worldwide. It has already impacted thousands of financial institutions, including credit unions, large global banks and regional banks. So far, the criminals have attempted to transfer between €60 million and €2 billion from at least 60 banks to mule business accounts belonging to the "organised crime" syndicate, the study revealed.
"With no human participation required, each attack moves quickly and scales neatly. This operation combines an insider level of understanding of banking transaction systems, with both custom and off-the-shelf malicious code," the report said.
Building on established Zeus and SpyEye tactics, the fraud scheme is able to bypass physical chip-and-pin authentication by using automated mule account databases to conduct server-based fraudulent transactions, with the highest attempted transaction reaching up to €100,000, the report stated.
So far, the attack has been sighted in Italy, Germany and the Netherlands, and has been expanded to Latin America and the United States, McAfee noted.
"The advanced methods discovered in Operation High Roller show fraudsters moving toward cloud-based servers with multi-faceted automation in a global fraud campaign," David Marcus, director of security research for McAfee Labs, said in a blog post.
McAfee and Guardian Analytics also said that they have been working with law-enforcement agencies to report the location of criminally controlled servers found in the US, and to educate others on the attack. However, the study showed high concentrations of malicious servers in Eastern Europe and "strategic placement" in other countries, such as China, Canada, Germany and Italy.
Via ZDNet Asia