“Operation High Roller” pulls in £48 million for cyber-criminals

McAfee and Guardian Analytics have published a joint report that found at least 12 internet fraud groups operating as part of a global ring of fraudsters have stolen at least £48 million (€60 million). The report counts that at least sixty institutions have been targeted since an initial attack on a German bank in January. However, this number is thought to rise, as well as the amount of money stolen from the hacked accounts, as the report is based on only a few European-based servers.

The attacks, which focused on the accounts of businesses and wealthy customers of a range of financial institutions, were first detected in January of this year. Institutions of all sizes from small regional banks to credit unions and large global banks have been targeted by the ring.

The scammers are using a derivative of the SpyEye and Zeus malware that made an earlier attack on an Italian bank. The more recent attacks used a more sophisticated version that were highly automated, operating from un-manned servers that were able to bypass chip and pin security measures as well as transfer the stolen money to mule accounts.

David Marcus, the director of security for McAfee’s research labs, wrote in a blog post that these attacks represent a move “towards cloud-based servers with multi-faceted automation in a global fraud campaign”. It seems that not only businesses are now utilising the cloud but internet fraudsters, too.

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal