Russian hackers will launch blitzkrieg cyber-attacks on U.S. banks next spring, security experts warn
- McAfee warns of threat that surfaced on Russian hackers’ forum
- Project Blitzkrieg plans mass fraud on financial institutions across U.S.
- Research indicates 500 infected in pilot campaign, with more to come
By Damien Gayle
PUBLISHED: 05:59 EST, 14 December 2012 | UPDATED: 05:59 EST, 14 December 2012
Experts have warned that hackers’ plans to launch massive cyber-attacks on U.S. financial institutions are not just a possibility but a ‘credible threat’.
According to a report released by internet security firm McAfee, the impending attack on banks – dubbed ‘Project Blitzkrieg’ – could result in millions of dollars of losses.
‘McAfee Labs believes that Project Blitzkrieg is a credible threat to the financial industry and appears to be moving forward as planned,’ the company said in a report published yesterday.
It adds: ‘Although Project Blitzkrieg hasn’t yet infected thousands of victims and we cannot directly confirm any cases of fraud, the attackers have managed to run an operation undetected for several months while infecting a few hundred.’
The planned mass fraud campaign against 30 U.S. financial institutions, set to occur next spring, was announced in early September on a Russian-language hackers’ forum, McAfee’s report claims.
The cybercriminal vorVzakone – whose name means ‘thief in law’ – claimed to be planning the release of a Trojan to allow him and accomplices to seize control of banks’ computers to steal information and money.
Although some analysts had doubted the veracity of vorVzakone’s threats, McAfee believes they are authentic and says it believes it has managed to track down the servers the hacker used in pilot testing the malware.
CLASSICAL TACTICS FOR A VERY MODERN FORM OF ATTACK
A Trojan horse, or Trojan, is a malicious application that masquerades as a legitimate file or helpful program but whose real purpose is, for example, to grant a hacker unauthorized access to a computer.
Trojans do not attempt to inject themselves into other files like a computer virus. Instead, they may steal information or harm their host computer systems.
Trojans may use drive-by downloads or install via online games or internet-driven applications in order to reach target computers.
The term is derived from the Trojan Horse story in Greek mythology because Trojan horses masquerade as harmless, useful gifts, in order to persuade victims to install them on their computers.
McAfee’s report says that tracking down these servers enabled it to identify the variant of the Trojan being used, and that its research has shown that vorVzakone has already hit 500 victims.
Part of the hacker’s announcement included calling for accomplices to join him in Project Blitzkrieg, with him supplying the Trojan software and supporting infrastructure to those taking part.
‘He also continues to confirm several other members of the underground who have stolen money already via this Trojan, citing its success to counter arguments against the buy-in he requires,’ McAfee’s report says.
McAfee’s research indicates that, rather than being a sweeping attack, the campaign will selectively target the financial industry, including computer networks at investment banks, consumer banks and credit unions.
This will allow the attackers to ‘stay under the radar’ and is essential if they hope to succeed in stealing several million dollars over the course of the project.
‘A limited number of infections reduces the malware’s footprint and makes it hard for network defenses to detect its activities,’ McAfee says.