Tuesday, 1 July 2014

Hackers Hit European Bank and Steal €500,000

A group of sophisticated hackers using a mysterious piece of malware known as the 'Luuuk Trojan' hit a well-known European bank this past winter, getting away with more than €500,000.  The unidentified bank is believed to be an Italian institution, due to the largest number of victims being Italians and Turks.  Kaspersky discovered the seven-day attack on January 20.

The WHIR reports that Kaspersky first identified the raid through log files that showed what appeared to be bots reporting to a central command centre.  Company officials say the offending software was removed from the suspicious server on January 22 yet the attack did not immediately cease.  Kaspersky investigators believe the hackers simply moved to a new, undetected infrastructure.

The Luuuk Trojan is a piece of malware with unknown origins.  Experts are not sure whether it is a standalone programme built from the ground up or some sort of variation of another known Trojan.  One theory suggests Luuuk is a variation of the popular Zeus malware.

Zeus has a number of ways of compromising protected information, but the most common use of the software is one of man-in-the-browser keystroke recording.  Once the software is implanted on a Windows computer, it records every keystroke and reports that data back to a central station.  The data can then be culled for sensitive banking information.

Trojans like Zeus and Luuuk are traditionally spread by way of phishing campaigns and drive-by downloads.  In the January raid, approximately 190 victims were affected.  The software was implanted on their computers without their knowledge, recording each and every keystroke for the purposes of obtaining sensitive information.  The WHIR says that victims lost anywhere from €1,700 to €39,000 apiece.

Consumer Education Needed

We talk an awful lot about the need for better security at the data centre and IT services levels and, while that's true, this story demonstrates that more needs to be done at the consumer level as well.  The fact that consumers continue to be fooled by malicious software and phishing schemes is evidence that we are still far behind in the area of training consumers.  We can go a long way toward thwarting these types of attacks just by educating computer users.

Organisations like Kaspersky can take steps to end attacks from Trojans like Zeus and Luuuk, but not until they are well under way.  This suggests their power to eliminate such attacks is limited.  Once again, it goes back to training at the consumer level.  Individual computer users need to be trained in the architecture of Trojan horses and how these are surreptitiously passed along through attractive e-mail messages, fake websites and the like.

As for the consumers affected by the January attack, we hope some sort of financial protection was in place from the bank in question.  We hope that they got most, if not all, of their money back.  Undoubtedly, each of the victims will be more careful about their computer use in the future.

No comments:

Post a comment