Eastern European fraudsters send Zeus to steal our money

11 August 2010

duncan

Eastern European fraudsters have a God working for them and they're getting him to steal money from us. Sorta.

See, a new version of the Zeus virus has stolen £675,000 from about 3,000 online customers of a British bank thanks to the small matter that most firewalls can't detect it. Experts at M86 Security, which specialises in online fraud, said the virus checks to see how much money the accounts contain, steals it, and covers its tracks by showing the customer fake bank balances. Clever.

The online security firm rumbled the fraud when it penetrated the criminals’ command server, which is based in Eastern Europe, and found a list of all the cash transfers. The police were informed a fortnight ago; however, the attacks don't appear to have stopped.

Bradley Anstis, vice president of technical strategy at M86, says in the Telegraph: “This is an extremely sophisticated version of the virus and it cannot be detected by traditional security software”.

The Trojan, which kicks in as soon as you log in to your bank account, hijacks your banking session and checks your balance. If you have more than £800, it begins invisibly transferring the funds into mule accounts.

The real oddity of the story, however, is how two thirds of a million pounds has been stolen from 3,000 customers, and yet nobody knows the name of the high street bank involved. Somehow the bank in question has gagged every single customer without a leak to the media. Thank goodness there was a security firm around to investigate and issue a press release on their behalf, eh?

Stay vigilant, freaks.


13 comments

  • a b.
    are these niggergerians doo ya think?i dont think they are smart enough
  • sdp
    The article implies it only bothers to steal more than £800 per person. Which, if 3,000 customers really are affected, would mean £2.4m had been stolen, not £675,000. The only explanations are 1) The article is inaccurate and less than 3,000 customers have been targeted. 2) The article is inaccurate and more than £675,000 has been stolen. 3) The article is inaccurate and people with less than £800 have been victims. 4) The article is correct and it affects people with a balance of more than £800, but it doesn't bother stealing ALL of their money. Which seems an odd thing to do...why put an £800 minimum in place if you're going to take less than that. Interesting though.
  • Issac M.
    I seem to remember this Zeus thing was in the news before and that that iteration of the virus targeted HSBC and First Direct in the UK. My money's on it being HSBC....
  • Issac M.
    Daily Fail also quotes HSBC and only HSBC http://www.dailymail.co.uk/sciencetech/article-1302062/New-trojan-virus-Zeus-v3-empties-online-bank-accounts.html A spokesman for HSBC said: 'There are millions of viruses and other malicious software. 'We urge people to take basic measure to protect themselves from virus attacks. 'Any customer who is a victim of fraud will be reimbursed by HSBC.'
  • Noodles
    makes a change from the negrotoons from nigeria!
  • Matt
    @sdp... Target people with over £800, remove ~£200 from each account (3000*£220 = 675000). People with over £800 in balance are likely to have reasonably large transactions going through all the time, so might not query a £200 transfer. Remove all the money, or target people with small balances and alarm bells will start ringing for those customers. The longer the customer is unaware and doesn't report it, the more chance you have of getting away with it. V clever stuff!
  • PaulH
    "Stay vigilant freaks" Freaks!?...Ow wait...
  • The B.
    You should have heard the penis behind me on the tube yesterday: "so my mate in IT who works for the local council took my laptop away and ran one of their really high end virus scans on it, yeah, there are like different anti-virus products and this is one used by the US military because it's so good and if it finds a virus that it can't remove then the entire team have to sit down and work out a way to remove it which he says they really enjoy. So they found like 47 viruses on my laptop and took 11 hours to do it and remove them all but he only charged me £100 and I got this really cool anti-virus thing called AVG so it's all protected now." Well sir, may I be the first to congratulate you, you are a fucking idiot who knows shit about IT and has just been ripped off by your "mate".
  • Nobby
    They should have put the computer in a condom to protect it from viruses and told him not to take it out.
  • The B.
    WTF???? IS DIS 4 REAL????? GOOD FING MA BLING IS ON MA RING
  • Carl B.
    I have had three e-mails today telling me about 'Bank Accounts' with banks I'm not even with. Just delete any suspect e-mail; never open it. The Bank was lucky this was such a small amount; they could have taken millions, or worse, how do you know they didn’t? As to the 'Trojan Virus', you can never put a stop to this, because if your virus protection software doesn't recognize it as suspect it will get into your system. Such Trojans are very simple to construct and that is the problem, as they are forever changing. In the past I have detected and shown large accountancy agencies the hidden spyware lurking in their systems. In one case, perhaps the worst, was one that had one of Russia's best spyware writer's software programs running in their systems for over seven years. It was taking copies of all and every transaction and sending the details to preset e-mail addresses. Signed Carl Barron, Chairman of agpcuk
  • David A.
    I think it's fairly important that we know which bank was targeted in this latest attack. I know if it was my bank I would refrain from using their online banking facilities for the time being. Also, if the cybercriminals have developed this trojan to be ignored by the latest anti-virus and malware detection programs, the only way to limit infection is through education. Never open unexpected attachments, even from people you know. Keep your anti-virus, malware detection and operating system software bang up to date (it may help possibly). Don't visit any dodgy websites, and in particular even a prompt to cancel something can install malicious software in the background. Exit a browser window in Windows OS by clicking ALT+F4. Don't think that having the latest protection software will necessarily stop an infection. Unless you know exactly what incoming and outgoing traffic is on your network adapter connection there is no way of knowing for sure you're 100% safe. Personally I never use a Windows based PC used by my family for any online transactions, as my two daughters and wife are not as vigilant as me and do download images and files from their friends and Facebook contacts. I have a laptop I use for any online payments or processing of bank accounts and only I have access to it. I don't use this laptop to visit any sites other than the usual popular ones like BBC. Use a secured wireless network connection, preferably with WPA and not the older WEP encryption. A neighbor could easily be capturing your network traffic if they have access to your wireless network, and if they can capture the data they could easily see any data sent over the network. Use a Mac or Linux/Unix based computer; they are a lot safer (at the moment).
