BANK depositors beware.
The world’s largest privately held vendor of endpoint-protection solutions has discovered an incident where online fraudsters were able to draw off enough relevant information to steal money from bank accounts.
Such high-stakes Web felony shows that cyber criminals are becoming more and more confident of their illicit activities than before as they now target financial institutions.
Prior to this, the online fraudsters only attacked bank-service users, seeing them as the weak link in the security chain, as they currently pinpoint the banks as lucrative prey.
Security experts at Kaspersky Lab found in a recent investigation the emergence of a new attack trend in which an accountant’s computer was compromised and used to initiate a large fund transfer with a bank.
Once attackers got into the latter’s network, they siphoned data to allow them to cash directly from the financial institution in various ways, such as performing so-called SWIFT transfers from different customer accounts and manipulating online-banking systems to perform transfers in the background.
Cyber fraudsters didn’t stop there. Security experts of the leading developer of secure content and threat-management solutions saw them go for broke and developed new malware that can take cash directly from automated teller machines (ATMs).
The evolution of online crime activities targeting ATMs already became rampant last year with numerous public incidents and a rush by law-enforcement authorities responding to such threats.
Since ATMs are mostly running on Windows XP and also suffer from frail physical security, they are incredibly vulnerable by default, according to Alexander Gostev, chief security expert at Global Research and Analysis Team of Kaspersky Lab.
“In 2015 we expect to see further evolution of these ATM attacks with the use of targeted malicious techniques to gain access to the ‘brain’ of cash machines,” he said.
“The next stage will see attackers compromising the networks of banks and using that level of access to manipulate ATMs in real time,” he added.
Roderick L. Abad