U.S. banks warned of cyberattack on accounts
The U.S. financial services industry has issued a warning that a Russian cyber-gangster is preparing to rob American banks and their customers of millions of dollars.
In addition, the computer security firm McAfee has reported that the cyber-criminal, who calls himself “Thief-in-Law,” already has infected hundreds of computers of unwitting American customers in preparation to steal their bank account data.
The warning was issued Thursday by the Financial Services Information Sharing and Analysis Center (FS-ISAC), which shares information throughout the financial sector about terrorist and online threats, said Douglas Johnson, vice president for risk management at the American Bankers Association.
“FS-ISAC has sent out several notices warning about this gentleman,” Mr. Johnson told The Washington Times.
According to McAfee, Thief-in-Law has installed malicious software programs, known as “malware,” on hundreds of computers as part of his plan, dubbed “Project Blitzkrieg.” The malware steals passwords and login information, which hackers can use to drain victims’ bank accounts online.
“McAfee Labs believes that Project Blitzkrieg is a credible threat to the financial industry and appears to be moving forward as planned,” a company report states.
The report’s author, Ryan Sherstobitoff, told The Times that a “pilot program” that apparently ended in October had infected as many as 500 computers in the U.S. About 120 additional computers were infected in a follow-up campaign that ended in November, he said.
“Project Blitzkrieg is an active operation,” Mr. Sherstobitoff said.
The Times reported in October that Thief-in-Law was trying to recruit an army of hackers to rob U.S. bank accounts next year and had posted a video of himself boasting about his online criminal activities and his immunity from law enforcement.
“If you accurately target [bank] customers in the USA while being in Russia, then you can fear nothing while living in your country,” said the gangster, who uses the online alias “vorVzakone.”
His nickname is Russian slang that translates to “Thief-in-Law” but also implies untouchability, such as a “made man” or “Mafia don.”
Out of sight
In a Sept. 9 posting on an online cybercrime forum, Thief-in-Law said he already had stolen $5 million from American banks by using his malware, called “Gozi Prinimalka.”
“It was under the radar,” he said. “It wasn’t traded or swapped in online forums, so there was little awareness of it.”
But after cybercrime blogger Brian Krebs posted Thief-in-Law’s supposed real name and address — by tracking down the registration documents for the car he drove in his video — the cyber-criminal announced he was abandoning Project Blitzkrieg and dropped out of sight online.
His disappearance and the fact that he only recently had started posting on online cybercrime forums prompted speculation that Thief-in-Law was a “wannabe” cyber-gangster who never had been serious about his plan or that he was part of a law enforcement sting.
But the public cancellation of Project Blitzkrieg “was just a PR stunt to distract attention while [Thief-in-Law] moved ahead in secret,” Mr. Sherstobitoff said.
His report traces the latest malware campaign, which ran from Oct. 1 to Nov. 30, to servers in Romania.
The servers were likely operated by a gang working with Thief-in-Law, Mr. Sherstobitoff said.
“Either they’re working with him or he has sold them the malware,” Mr. Sherstobitoff said, noting that the malicious programs used in the pilot campaign and the Romanian campaign are “virtually identical.”
According to his report, Gozi Prinimalka is highly sophisticated, can steal banking passwords and logins in different ways, and can find the answers to “challenge questions” that online banking systems are programmed to ask, such as “What was the make of your first car?”
The malware can even collect information that allows the hackers to impersonate the victim’s own computer, deceiving security measures that are activated when a customer tries to log on from a strange machine.
The report’s data suggests that Thief-in-Law and his associates primarily have been targeting customers of investment banks, who generally keep large balances.
But financial industry officials said they are confident that the targeted banks are prepared for the attacks.
He said McAfee had made Gozi Prinimalka’s signature available “to all the targeted institutions,” so their security departments could prepare. A malware signature is a characteristic piece of code or other feature that identifies a piece of malicious software so it can be blocked by security systems.
“We have the tools we need [and] we have an unusual amount of detailed information in advance of this attack,” said Mr. Johnson. “That all bodes well for our institutions and our customers.”
Estimates of the scale of global online banking fraud vary, and many are produced by computer security companies or others seen as having a vested interest in exaggerating the problem.
In response, a group of Cambridge University academics this year published what they said is a more rigorous and conservative estimate of cybercrime costs.
The Cambridge group concluded that the direct costs of account-takeover crime through malware like Gozi Prinimalka are about $690 million a year globally and $26 million in Britain.
Banks worldwide spend about $1 billion a year on technical measures to defeat cybercrime, the academics said, while law enforcement agencies spend about $400 million to track down and prosecute cyber-criminals — half of that in the United States alone.
But a survey the group conducted last year found that the costs of digital bank fraud in 2010 for the first time exceeded the costs of check fraud and other illegal paper transactions.
More than 90 percent of U.S. banks experienced electronic losses that year, totaling nearly $1 billion, mostly from debit-card fraud, the survey found.
It said paper-based fraud amounted to less than $800 million in losses.
© Copyright 2014 The Washington Times, LLC.
About the Author
Shaun Waterman is an award-winning reporter for The Washington Times, covering foreign affairs, defense and cybersecurity. He was a senior editor and correspondent for United Press International for nearly a decade, and has covered the Department of Homeland Security since 2003. His reporting on the Sept. 11 Commission and the tortuous process by which some of its recommendations finally became ...