McAfee and Guardian Analytics have published a joint report that found at least 12 internet fraud groups operating as part of a global ring of fraudsters have stolen at least £48 million (€60 million). The report counts that at least sixty institutions have been targeted since an initial attack on a German bank in January. However, this number is thought to rise, as well as the amount of money stolen from the hacked accounts, as the report is based on only a few European-based servers.
The attacks, which focused on the accounts of businesses and wealthy customers of a range of financial institutions, were first detected in January of this year. Institutions of all sizes from small regional banks to credit unions and large global banks have been targeted by the ring.
The scammers are using a derivative of the SpyEye and Zeus malware that made an earlier attack on an Italian bank. The more recent attacks used a more sophisticated version that were highly automated, operating from un-manned servers that were able to bypass chip and pin security measures as well as transfer the stolen money to mule accounts.
David Marcus, the director of security for McAfee’s research labs, wrote in a blog post that these attacks represent a move “towards cloud-based servers with multi-faceted automation in a global fraud campaign”. It seems that not only businesses are now utilising the cloud but internet fraudsters, too.