Dissecting Operation High Roller | Massive Cyber Attack in USA, Europe and Latin America Siphons $2.5 Billion From Banks
Dissecting Operation High Roller
How the high-tech mantra of “automation and innovation” helps a multi-tiered global fraud ring target high net worth businesses and individuals. Building on established Zeus and SpyEye tactics, this ring adds many breakthroughs: bypasses for physical multi-factor authentication, automated mule account databases, server-based fraudulent transactions, and attempted transfers to mule business accounts as high as €100,000 ($130,000 USD). Where Europe has been the primary target for this and other financial fraud rings in the past, our research found the thefts spreading outside Europe, including the United States and Colombia.
Executive Summary
McAfee and Guardian Analytics have uncovered a highly sophisticated, global financial services fraud campaign that has reached the American banking system. As this research study goes to press, we are working actively with international law enforcement organizations to shut down these attacks.
Unlike standard SpyEye and Zeus attacks that typically feature live (manual) interventions, we have discovered at least a dozen groups now using server-side components and heavy automation. The fraudsters’ objective in these attacks is to siphon large amounts from high balance accounts, hence the name chosen for this research: Operation High Roller.
With no human participation required, each attack moves quickly and scales neatly. This operation combines an insider level of understanding of banking transaction systems with both custom and off the shelf malicious code and appears to be worthy of the term “organized crime.”
This study found 60 servers processing thousands of attempted thefts from high-value commercial accounts and some high net worth individuals. As the attack shifted emphasis from consumers to businesses, mule business accounts allowed attempted transfers averaging in the thousands of Euros, with some transfers as high as €100,000 (US$130,000). Three distinct attack strategies have emerged as the targets have expanded from the European Union, to Latin America, to the United States.
Debunking the popular wisdom that only big banks are affected, the research documents attacks at every class of financial institution: credit union, large global bank, and regional bank. So far, we estimate the criminals have attempted at least €60 million (US$78 million) in fraudulent transfers from accounts at 60 or more financial institutions (FIs). If all of the attempted fraud campaigns were as successful as the Netherlands example we describe in this report, the total attempted fraud could be as high as €2 billion.


So this is really what has been happening at RBS / Natwest / Ulster Bank - sounds like the poisoned transaction option was used, or is it still a 'glitch' perped by some poor Indian technician??
I don't recall any banks or insurance companies or auto companies claiming "hackers did it." Which only goes to show how they really didn't see it coming...AND STILL DON'T!
And where is all this digital money going where it can be used? It ends up in a computer ledger somewhere or otherwise is useless, or just gone.
It is transferred to mule accounts and then removed as cash within hours. If you read the report, you'd know that.
Any connection between this and the 'software' problems at RBS? Enquiring minds.......
Obama has authorized cyber attacks on our enemies. Who's surprised by a counter attack?
Exactly. The most interesting aspect of the Egyptian thing however is that you can turn the internet off...which came as a shock to most of the media which uses the dot.com space for...ahem..."special projects." I'm surprised we haven't had a wave of University bankruptcies actually given all the "high end plagiarism" going on. And of course "who cares about the Professor when you have a sophisticated media and a 14 year old you can label a genius" and billions to be made. We really are total neophytes in dealing with the Digital Domain. Cloud computing is for real...these financial institutions and governments around the world will spend hundreds of billions to protect their Data...ironically from the same people who are stealing the most namely...the Americans! "The gift that keeps giving" as they say...MOVE ALONG!
Surprised it took so long. Plus I doubt that banks are not the only places they can get into, although I must say, it's a real nice place to start.
This means a bank holiday is coming.
They are going to blame it on hackers.
I want to be holding foldable frn's right now.
Having some foldable federal reserve notes down in the safe is not a bad idea, while they are still worth something that is. As soon as frns become worthless however, you'll just be holding paper. After that, 90% silver dimes, silver eagles, and krugerrands will preserve your wealth. Food and bullets and likeminded friends will preserve your life.
An article I read about this indicated that the servers performing the attacks seemed to be mostly in Russia. This could be true or a false flag, either way, it would make sense that the end game here is to cripple the banking system. If an individual bank can't trust that transfers in and out of its accounts are legitimate and more importantly if the public (Especially those with large sums of money in the banking system) can't trust that their funds are safe, the whole system comes to a screeching halt. Either the Russians have found a brilliant cyber-warfare tactic, or they are being made to be set up as the "bad guy".
What the hell! We are trying to ruin the Iranian banking system. What goes around comes around.
Peggy?
Russian Mafia or US Feds... is there any difference?
Maybe the Russians \ Putin have finally had enough of the Rothschilds? They have been screwing Russia for years; can't beat them in war, beat them where they're most exposed?
Same psychopathic personality types thrive in both.
Other than the lowest echelons of authority, likely none at all.
it's all just digits, they can just type more into existence
Artificial Intelligence comes alive. The machine will decide if you have credits, or not. Good luck in the real world trying to fight the Code. You can't unplug it. It is immortal. You are just visiting the Planet.
They are trying to soften up influential people to support internet clamp downs and internet ID.
While undermining the case for a cashless society?
Of course! These are political operations, ya know.
The only goal is for you and him to fight. What better way than to arm you both?
The cashless society is a fantasy. Police, governments, and the British Monarchy are making too much money off the drug trade.
Drug profits require 3 things: Illegal status, anonymous transactions, and demand.
They have all 3 already. It will never change.
I spy with my little eye an agency whose three letter acronym starts with the letter after B...
Exactly, and in other news, it has been discovered that our Drones can be hijacked by "terrorist entities" as well (wink wink). I wonder how long it will take to link it all to the "Homegrown" variety so they can go all in............
hmmm.... The CIA would never do anything like that!
Not this time.
They are asking for a hand.
Sounds like these guys watched "Office Space" too many times.
It is the ECB, they really need the money....
So Langley has switched from drug dealing to bank fraud.
I suppose that's an improvement.
Sure is. If the CIA gets really good at it, obummer can cut their budget and make it a win-win for the taxpayers. Unless you have a high net worth.
Coders In Action...
The money is being funneled into Obama's re-election fund.
..."Outsource IT to India they said..."
What? Did you think all the laid-off IT staff were going to go wait tables or something?
Thieves stealing from thieves? Is there no honor among them?
The enemy of my enemy is my friend?
Hmm... This fellow makes a good point http://www.zerohedge.com/contributed/2012-06-27/dissecting-operation-hig...
Maybe that three letter acronym begins with the letter after J...
Either way, please hurry up.
Are you saying CIA = KGB?
No, that someone pointed to the attacks coming from Russia, so perhaps it was KGB, not CIA.
Although a possible conspiracy of rouge elements within both..? Great espionage movie material, but unlikely.
Now that I've thought about it, more likely it's Russian mafia (but I wouldn't be surprised if they collude with KGB from time to time).
YouDidn'tKeepALowEnoughProfile: poor bastard ;-)
Your Freudian Slip exposes your insider knowledge! Confess Immediately and your family will be "spared." Rouge elements indeed!
But remember, KGB and the "so called Russian Mafia" are in a revolving door relationship among themselves. It is almost incestuous, ...
- Ned
{and then there are the verte elements, that also conceal the internal "rouge" intent.}
Now if there was just some way to blame this on 'Al Qaeda'...