bank fraud

Ramnit Variant Targets UK Banks with OTP Attack

Nowhere is the cat-and-mouse game between attackers and the security of users more evident than with social engineering schemes. Users’ awareness of phishing campaigns, for example, may be improving, but that’s just forcing attackers bent on identity theft and stealing payment card information to up their games.

Banking malware has primarily been just that, an attack tool used against financial institutions to steal money from online bank accounts. But what if cybercrime gangs decided to flip that on its head, and use malware such as the Citadel banking Trojan to steal credentials from not only banks, but government agencies and commercial businesses?

Fourteen individuals were charged late last week after the Federal Bureau of Investigation, along with the Los Angeles Police Department and the Glendale, Calif. Police Department found they were behind a scheme that extracted more than $1 million from Citibank cash-advance kiosks in Southern California and Nevada between 2009 and 2010.

Dozens of individuals from Winchester, a small Kentucky town east of Lexington have been targeted by hackers, according to a report earlier this week in the Lexington Herald-Leader. The newspaper claims between 50 and 100 diners at Puerta Grande, a small Mexican restaurant, were hit with bank fraud at some point in the last two weeks.

The underground malware economy has expanded and diversified in recent years and the latest frontier is the mobile platform. In this video, Kaspersky Lab’s Denis Maslennikov talks about the ways that attackers use premium-rate SMS messages and banking fraud to bilk users.

A Moldovan man alleged to be the mastermind behind an international fraud ring that targeted both private and corporate bank accounts has been arrested in Limerick, Ireland, in a joint operation by Gardai and customs officials.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.