New bank theft software hits three continents

By Hum
in Back Page News

 Share

Recommended Posts

Grand Master

Hum

Posted
Posted

(Reuters) - A new wave of automated hacking of online bank accounts might have stolen $78 million in the past year from customers in Europe, Latin America and the United States, according to researchers who peered into the computers of the hacking gangs.

The groups used recent improvements to two families of existing malicious software, known as Zeus and SpyEye, which lodged on the computers of clients at 60 banks.

While previous versions of the software have proved adept at stealing logon information, the latest variants automate the subsequent transfer of funds to accounts controlled by accomplices.

The findings, to be released on Tuesday by security firms McAfee and Guardian Analytics, confirmed and expanded on research from Japan-based Trend Micro Inc that was first reported last week by Reuters.

"This looks like the beginning of a new technique," said Guardian's Vice President Craig Priess, whose firm specializes in protecting banks.

The software is sophisticated enough to defeat "chip and PIN" and other two-factor authentication and to avoid transferring the entire contents of an account at one time, which can trigger review, according to the study.

Trend Micro said it had seen the automated versions in action in Germany, the United Kingdom and Italy.

Guardian and Intel Corp-owned McAfee said the same technology, while still emerging, had been used by a dozen gangs against consumers and business clients of financial institutions in those countries and Colombia, the Netherlands, and the United States.

"Someone designing this system has insider knowledge as to what the banks are looking for," said Dave Marcus, research director at Mcafee Labs.

Server logs viewed by the researchers saw commands from the fraud rings to transfer a total of $78 million, including $130,000 from one account. The banks may have been able to block some of those transactions, the researchers acknowledged.

Though written and controlled by different groups, SpyEye and Zeus share the ability to be installed on computers that visit malicious websites or legitimate pages that have been compromised by hackers, as well as through tainted links in emails.

The programs already have used a technique called "web injection" to generate new entry fields when victims log on to any number of banks or other sensitive websites. Instead of seeing a bank ask for an account number and password, for example, a victimized user sees requests for both of those and an ATM card number. All that information is sent to the hacker, who signs in and transfers money to an accomplice's account.

full story

This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • The Trump administration doesn't want you to use OpenAI's GPT-5.6 without its approval

      By ad47uk · Posted

      I and many others did not vote to get out of the E.u because of Putin or Farage, we did so for our own reasons. You don't have to tel me what my own did or did not do when it comes to the E.U. The EEC is or was the European Economic Community, a different beast to what the E.U is now.The EEC was a mainly about trading, the E.U have gone far beyond that and as I have said before, is now more of a United States of Europe. The U.K did not vote to join a United States of Europe. Anyway, they did not want us in there in the first place, Charles de Gaulle stopped us joining as he claimed we didn’t agree with the core ideas of integration. He was not wrong and that is why we voted out of the E.U when the time came. I was not old enough to vote the first time. My only regret is that we did not have the referendum years ago and got out years ago. If we rejoined, we would have to agree to join the Euro and no doubt Schengen, agree with freedom of movement, we have enough problem with people coming over here as it is. i have no problem with people coming over here if they work and don't try to push their way of life onto us. The E.U has a currency, freedom of movement, an anthem a flag, a parliament, well they are there, not sure if they do anything. Don't sound like something that is just for trading. Oh yeah, also wanted a euro Army. How many stupid rules have the E.U made that we had to follow? I doubt I will see the Uk rejoin the E.U, which suits me. Oh yeah, my partner is Polish, she came over here before Poland joined the E.U and she got fed up of people just coming over here with ease, while she had to struggle. She is now a British citizen and have been for a fair few years
    • Why Delta Chat is the best decentralized messenger you have probably never tried

      By Fleet Command · Posted

      Hello, Paul. Thanks for the editorial. It was interesting. I'm going research more into the app and its concept. Of course, if you know me at all, you know that I'd say your articles needs some editing! I a;ways do, don't I? For instance, the article occasionally mentions a concept before defining it, e.g., relays.
    • Weekend PC Game Deals: Steam Summer Sale 2026 Edition

      By +InsaneNutter · Posted

      Screamer is 50% off on Steam, making it £24.99 here in the UK: https://store.steampowered.com/app/2814990/Screamer/ You might remember the series from the mid 90s / early 2000s, this new game is also by Milestone who created the older games.
    • U.S. partially reverses Anthropic AI ban for Mythos but keeps Fable 5 off the market

      By Karthik Mudaliar · Posted

      U.S. partially reverses Anthropic AI ban for Mythos but keeps Fable 5 off the market by Karthik Mudaliar Anthropic says that the U.S. government has finally allowed it to restore Claude Mythos 5. But of course, there's a catch. The rollout is again for a limited set of U.S. organizations that operate and defend critical infrastructure. The company announced this in a post on X (formerly Twitter). This does not mean that Anthropic's latest frontier models are back to normal availability. Fable 5, which was a tuned version of Mythos 5 for public release, remains unavailable. Anthropic said that it is still working with the government to expand Mythos 5 access and make Fable 5 available again, but there's no timeline. Reports from Bloomberg and Reuters say that this decision actually came through a letter from the U.S. Commerce Department. According to Reuters, this would allow more than 100 companies and institutions access to Mythos 5. Reuters also reported that Commerce Secretary Howard Lutnick’s letter removes the need for export licenses for approved companies’ non-US citizen employees, as well as Anthropic’s own non-US citizen employees, while restrictions remain for organizations outside the approved list. Anthropic isn't alone with this kind of controlled rollout. OpenAI's newest model family, GPT 5.6, was announced just yesterday, but isn't available for everyone yet. In its announcement, OpenAI also said that access to these models is initially limited to a select group of trusted partners and organizations, with broader access planned later this year. Both of these cases show that frontier AI launches are no longer just ordinary product releases and more like slow and vetted deployments shaped heavily by the U.S. government.
    • OpenAI announces GPT‑5.6 Sol, its next-generation flagship model beating Claude Mythos 5

      By monterxz · Posted

      Sol, Terra, Luna - aren't those the names of failed crypto coins? 🤣🤣🤣

  • Recent Achievements

    • Week One Done
      flexorcist earned a badge
      Week One Done
    • One Month Later
      Woland13 earned a badge
      One Month Later
    • Week One Done
      Woland13 earned a badge
      Week One Done
    • One Year In
      bernmeister earned a badge
      One Year In
    • Week One Done
      Scoobystu earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      495
    2. 2
      +Edouard
      226
    3. 3
      PsYcHoKiLLa
      154
    4. 4
      Steven P.
      75
    5. 5
      FloatingFatMan
      71
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!