Cyber wave sweeps away $80m

A wave of cyber attacks seems to have swept away at least $80 million from bank accounts in Europe, the United States and in other parts of the world such as Colombia.

The attacks hit between $75 million and $2.5 billion (60 million to two billion euros) from at least 60 banks worldwide. Criminals attacked cloud-based servers in a global fraud "Operation High Roller". The criminals attempted transfers to mule business accounts as high as 100,000 euros. In the U.S. companies having a minimum balance of several million dollars in their commercial accounts were the victims. In most cases, the victims were found through online reconnaissance and "spear phishing," which uses a fake email to get an account holder's login details and password.

The first attacks affected "a popular bank in Italy and its consumer and business accounts" and used SpyEye and Zeus malware to transfer funds to a "mule account" or pre-paid debit card where the thief could retrieve the funds quickly and anonymously.

But later attacks showed increased automation and sophistication, in some cases taking over the victim's account without an attacker's active participation. In some cases, the criminals were able to bypass smartcard readers which offer extra authentication used in many European banks.This ring adds many breakthroughs: bypasses for physical 'chip and pin' authentication, automated mule account databases, server-based fraudulent transactions.

The attacks hit every class of financial institution: credit union, large global bank, and regional bank.

In some attacks, transactions were routed through a server in California, but the researchers said they "found evidence of the fraudster logging in from Moscow, Russia, to manipulate some of the transactions."