Dissecting Operation High Roller | Massive Cyber Attack in USA, Europe and Latin America Siphons $2.5 Billion From Banks

4closureFraud's picture

Massive Cyber Attack in USA, Europe and Latin America Siphons $2.5 Billion From Banks

Dissecting Operation High Roller

How the high-tech mantra of “automation and innovation” helps a multi-tiered global fraud ring target high net worth businesses and individuals. Building on established Zeus and SpyEye tactics, this ring adds many breakthroughs: bypasses for physical multi-factor authentication, automated mule account databases, server-based fraudulent transactions, and attempted transfers to mule business accounts as high as €100,000 ($130,000 USD). Where Europe has been the primary target for this and other financial fraud rings in the past, our research found the thefts spreading outside Europe, including the United States and Colombia.

Executive Summary

McAfee and Guardian Analytics have uncovered a highly sophisticated, global financial services fraud campaign that has reached the American banking system. As this research study goes to press, we are working actively with international law enforcement organizations to shut down these attacks.

Unlike standard SpyEye and Zeus attacks that typically feature live (manual) interventions, we have discovered at least a dozen groups now using server-side components and heavy automation. The fraudsters’ objective in these attacks is to siphon large amounts from high balance accounts, hence the name chosen for this research: Operation High Roller.

With no human participation required, each attack moves quickly and scales neatly. This operation combines an insider level of understanding of banking transaction systems with both custom and off-the-shelf malicious code and appears to be worthy of the term “organized crime.”

This study found 60 servers processing thousands of attempted thefts from high-value commercial accounts and some high net worth individuals. As the attack shifted emphasis from consumers to businesses, mule business accounts allowed attempted transfers averaging in the thousands of Euros, with some transfers as high as €100,000 (US$130,000)[1]. Three distinct attack strategies have emerged as the targets have expanded from the European Union, to Latin America, to the United States.

Debunking the popular wisdom that only big banks are affected, the research documents attacks at every class of financial institution: credit union, large global bank, and regional bank. So far, we estimate the criminals have attempted at least €60 million (US$78 million) in fraudulent transfers from accounts at 60 or more financial institutions (FIs). If all of the attempted fraud campaigns were as successful as the Netherlands example we describe in this report, the total attempted fraud could be as high as €2 billion.[2]

Full report below...



Lord Koos's picture

Luckily, my wealth isn't online.

Overdrawn's picture

I wish to complain, they haven't stolen my overdraft.

Gringo Viejo's picture

Black Bart 21st Century. "There is nothing new under the Sun"...Ecclesiastes.

Papasmurf's picture

This could be a false flag attack to get the "internet kill switch" or it could be a consequence of failure to prosecute large financial crime.  The precedent has been set with the example of MFGlobal, fraudulent mortgages and their MBS and CDS spin-offs.  Until largess crimes go punished, these problems will increase and become more frequent.

steelrules's picture

So how is this any different than JPM and GS high freq. trading?

NIRee's picture

That the thieves are honest about their intentions?

Dburn's picture

Banks are desperate. Why wouldn't Jamie and the gang be behind this? Empty out their client accounts, finance the operation, have the insurance companies pay plus the taxpayers. Have the Fed Print up new money.

Better yet, Jamie got a collateral call on his 200B bet and he decided to make sure ALL his bets were covered by his competitors' clients. New QE coming in 3,2,1...

windcatcher's picture

This is the 21st century! This doesn’t look so good for the future!

The robbers stealing from the rich and the rich stealing from the poor!

The irony of it all! Ha. Ha.

sgt_doom's picture

Geez, ya know, I was trying to explain to a neighbor why there just weren't that many jobs available anymore:

We are now in the official fourth jobless recovery (actually six, if one is accurate and counts the two prior to the late '80s, early 90's).

So of those laid off from full-time work between 1987 and 1992, only about one-half ever regained full-time employment (and half of those only at lower wages).

Now, that was the first official jobless recovery, so with three other "official" jobless recoveries, that means America is down to 1/16th of the jobs compared to what existed in 1987.

Excepting, when retirements and deaths are factored in, it raises a bit to between only 1/4th to 1/8th the number of jobs now existing compared to what existed previously in 1987!

So, I suppose offshoring all those jobs, and all that technology to China and elsewhere might not have been such a smart bankster move otherwise, huh?

Seer's picture

Most of the jobs were AUTOMATED (http://www.automationworld.com/semiconductors/outsourcing-not-culprit-ma...)!  TPTB WANT us to think that they were moved so they can (pretend to) move them back (forcing concessions from/through the US govt).

AND, consider the effects of population increases:


  World: 3.8 Billion (approximation; 1970 -> 3.7 Billion; 1975 4.0 Billion)

  US: 207.6 Million



  World: 5.3 Billion

  US: 249.6 Million



  World: 6.1 Billion

  US: 282.1 Million



  World: 6.8 Billion

  US:  309.3 Million


Change 1971 to 2010

  World: 78.9%

  US: 48.9%


Change 1990 to 2010

  World: 28.3%

  US: 23.9%


1971 was the year that the US essentially defaulted; it was also the year that the US extracted the most oil that it would ever again extract: oil is the most important and most widely utilized (read "essential") natural resource that can be exploited for "profit."  If one was to say that growth stopped in 1971 (and that all following this year was over-borrowed from the future [and that we're now hitting the point that we can no longer borrow from the future because the future is now reaching back ON us]) then we can say that population increases represent an "inflation" on all "wealth."  That is, from 1971 to 2010 the US devalued by 48.9%.  From (around) 1990 until 2010 (the various "jobless recoveries" period you note) the "devaluation" has been 23.9%.

I thought of this approach after thinking of the statement that Dr. Albert Bartlett made in his presentation Arithmetic, Population and Energy in which he talks about the effects of population growth on "democracy" in Boulder, Colorado.  He noted that the population of Boulder had quadrupled over a given time period (since he'd resided there), which meant that with the static number of city council members over this same period of time that the citizens of Boulder's per capita representation is now only 25% of what it once was.

I believe that job loss has more to do with automation and population than in "off-shoring."  I'm NOT saying that jobs haven't been off-shored, or there haven't been meaningful numbers, it's just that I don't think that they are the bigger picture (and may be more a symptom than the disease); and I also believe that we're being set up to be played using the "off-shoring/outsourcing" buzzwords (folks on the left will lead the "fight" for the folks on the right to get their factories built more cheaply and staffed cheaper [through govt subsidies]- a WIN WIN for everyone! [except that EVERYONE will be paying for it, except, of course, those at the top (who will once again use yet another scam/ruse to skim)]).

TheMerryPrankster's picture

loaf of bread 1971 .35 cents, today 3.50$

low priced auto 2800 dollars in 1971, today 28000.00

between destruction of the value of the dollar and energy price inflation, just staying even requires tremendous effort, getting ahead becomes nearly impossible.

Times are so hard in my neighborhood, middle-aged white guys are doing landscaping services and mowing yards. Traditionally the work of illegal immigrants for the past 2 decades, now the long term unemployed are low balling the illegals and performing manual labor in the blazing sun.

5 years in and things are not getting better.

terryfuckwit's picture

never mind "operation high roller" more like "operation solve insolvency" .. this is the interesting part of the game this is where all those masonic trouser leg rolled up illuminati.. bilderberg idjits who thought they were part of the game and well looked after realise they were just hyper fattened foie gras for another level of criminals. Wait and watch these types politicians included will soon be begging for the return of the law... So keep stacking and load up on popcorn this is gonna be a great show

Gimp's picture

Hacker convention in Vegas next month (RIO). They only take cash at the door for entry BUT they have a special room rate for all attendees.

Not even the hackers have figured  out this irony...


dizzyfingers's picture

to ebworthen

Even slicker than QE.

dizzyfingers's picture

Bankers steal from themselves then collect insurance...and tax money?

TheMerryPrankster's picture

Then collect, insurance and tax money and user/account fees.

Diplodicus Rex's picture

Something doesn't smell right about this. Can you say False Flag?

laomei's picture

I don't know about false flags... but the fact that they are calling having over $50k a "high roller" is an absolute joke.

DosZap's picture

This is exactly the kind of thing that will start bank runs.

A lot of countries have no FDIC insured deposits mechanisms. Plus, if your cash is stolen, the FDIC can take as long as 12 mos to make it good.........

Anyone here want their cash not available in THIS climate globally?

lakecity55's picture

So, Barry X made up the shortfall in campaign funds, eh?

ebworthen's picture

Next profit and bonus strategy for J.P. Morgue and the like; being the bankers for the hackers.

"And...it's gone!"

Make all currency digital (no bills or coins at all) then siphon off depositors money in league with the hackers.

Make an announcement that "there was a breach of our systems" and of course change everyone's digital records overnight (no paper records, save the trees and all that).

"Look honey, we're o.k., it says we have $3,247 so nothing is missing".  Er...except it was $3,297 yesterday.  $50 times 200,000 accounts is $1 million. 

Insurance companies do this sort of thing all the time; refuse to pay a $750 anesthesia fee and say perpetually there is a lack of an invoice or correct billing.  Delay until the hospital puts a collection agency on the patient - patient gets scared and pays.  $750 X 1,000 customers = $750,000.  Bonus time!

Banks lose no deposits in toto, and the regular folks fleeced yet again.

I know it sounds cynical, but how different is it from the bailouts, shadow banking, CDS, MBS, fraudclosure, derivatives, and rehypothecation?

markar's picture

Great. Just what the world needs-more lack of confidence in the banking system.

TheMerryPrankster's picture

Anyone with confidence in the banking system hasn't been paying attention for 3 decades..

Peter Pan's picture

This is what happens when thieves can't find gold in Fort Knox.

Right-on Left-off's picture

Nobody has noticed????  Drudge got the sanitized, politically correct, make nothing of the story story.  His story sez it was only $75 million.

Benjamin Glutton's picture

I can't help wondering if Obama can see this banking fraud from 40,000 feet.

janchup's picture

You think Mr. "No laws were broken" cares about banking fraud?

jomama's picture

last week, an online entity managed to drain 3k bennybux from my checking account before they shut off the card.  while i'm flattered, i'm wondering if it was related.

Ying-Yang's picture

Yes and let's all put our stuff up on the cloud.

Dumb ass companies... been warning about this.

Stuxnet and Flame created by the USA will come back and bite us BAD. Meaning the little people will be hurt by what our numbnuts leaders did, as always.

Ohh and let's have drones in the USA... another bitch that will turn out bad!

Chief KnocAHoma's picture

I'm hoping they will fuck up and deposit some money in my accounts, or at least wipe away my debts.

Ying-Yang's picture

Skynet is becoming real.

It's sad we are seeing this shit appear before our eyes.

rsnoble's picture

Technology fucks us again.

Kali's picture

KISS.  Can't hack gold and silver.

Seer's picture

I know that having your digital numbers changed from afar sucks, but I'm thinking that having physical taken via a kicked-in door (and possible loss of life) could suck much more.

Be sure to implement proper physical protections!

lakecity55's picture

So, I guess we can't wait for fuckerberg to let us use our smart fonz for paying bills.

I'm sure it will be really secure!


espirit's picture

...or so they would like us to think.

Isn't that the amount Dimon came up short?

rsnoble's picture

LMAO, no doubt. I actually had that run across my mind as well. Interesting that for us peons to have such thoughts is almost borderline crazy......yet these bastards operate in this fashion every single day. Fuck 'em all 2012-Get the rope!

tony bonn's picture

my guess is that this fraud is a collusion of the cia with the banksters - it is way too sophisticated for organized crime - unless my perception of the thuggish underworld is in error....even if organized crime is capable, i still believe that this is wall street and cia...

TheMerryPrankster's picture

Wallstreet is the CIA, at least the FED & banking system portion. Check out the families involved in Skull & Bones the prep school for the CIA upper management and the names of the banking families during the time period.

CIA had 2 purposes, 1 the "cover story" an intel organization to protect american interests, and 2 the reality of an information network to front run the suckers and provide legitimate cover to drug dealing, arms running and other high profit illegal operations.

Classification of information as secret is the greatest tool to hide crimes ever invented.

Seer's picture

I have another theory...

Russia.  Russia will get the paint brush.

Consider that over the years we've been primed with LOTS of Russian hacker stories.  And Consider that the US is nearing WWIII over Hamburger Hill (Syria), but the general population in the US is tired of wars (and is going broke).  Well, Commies Reincarnated time!  Nothing kicks everyone into a frenzy more than the threat of superior Communism! (</sarc> if it's such a shitty system there's no reason to worry, bad systems FAIL! and really BAD systems...)

So, money is tight and Russia will be fingered for trying to make it worse (not to mention they're big in OIL and NG!).

Pre-motive, bitches!

shovelhead's picture

Nice to know Jon Corzine found gainful employment.

Rastamon's picture





i know of another worm syphoning TRILLIONS out of the USA .... it's called the Bernank

rsnoble's picture

US gov't response: "We need to sign the internet treaty RIGHT NOW and shut down Zerohedge. What was that about bank fraud again"?

paint it red call it hell's picture

one would not think that cyber attacks on deep banking pockets would be the impetus for Fed action in re-liquifying  the system including european banks?

nah........ who would think to false flag attack the banks in order to apply extreme bailout measures.

rufusbird's picture

This can't be good for people's declining trust in keeping money in banks and financial institutions...

Seer's picture

Hm... can't trust keeping worthless money in a worthless repository, I'll have to think about this...

Darth..Putter's picture

The US hasn't even recovered from the Country Wide and CITI group viruses yet.

ebworthen's picture


Hopefully it will renew the use of cash and coin - as their next goal is binary currency (no cash or coin).