Thursday, April 28, 2011

FBI is on high alert over a multi million dollar Chinese cyber crime operation - - 27 Apr 2011

CYBER CRIMINALS with access to Chinese bank accounts have robbed US businesses of millions in dollars in the past 12 months by using malware that scarfs up banking details.

The US Federal Bureau of Investigation (FBI) has issued a stark warning about 20 incidents where banking credentials from smallish to medium-sized US businesses were harvested by malware like the Zeus Trojan and Spybot. The FBI said that the companies lost $11 million in these scams.

Often using reasonably cheap off-the-shelf malware, criminals can trap somebody in a company by compromising their computer with a phishing email or getting them to surf to a malicious website. The malware then gets to work, for example by keylogging crucial financial information like account numbers and passwords that the employee types in.

The FBI said that the criminal operation transferred the money to intermediary New York banks and then to the accounts of Chinese businesses that were registered as 'legitimate'. So far it's not known why these businesses received the transfers, that is, whether they were the final destinations or the money was transferred elsewhere.

Each wire transfer was able to shift hundreds of thousands of dollars, with the largest one nearly hitting the $1 million dollar mark. For smaller amounts money mules were used, poor unfortunates who fall for scams where they transfer money for the criminals involved, without realising it's stolen.

No comments: