Published in News

Three banks robbed using DoS cover

by on21 August 2013

Low powered attacks were a distraction

The wire payment switch at several US banks has been hacked and millions stolen from accounts. Gartner vice president Avivah Litan said at least three banks were struck in the past few months using "low-powered" distributed denial-of-service (DDoS) attacks. These were not the main attack but meant to divert the attention and resources of banks away from fraudulent wire transfers simultaneously occurring.

The loses added up to millions lost across the three banks", Litan said. Traditional attacks take aim at customer computers to steal banking credentials such as login information and card numbers. It is not clear how the attackers gained access to the wire payment switch, fraudsters could have targeted bank staff with phishing emails to plant malware on bank computers.

The DoS forced the service portal down and meant that the security team had to fix it first. The hackers then switched attack and went for the main wire transfer robbery.

Fraudsters were using Dirt Jumper, a $200 crimeware kit that launches DDoS attacks, to draw bank employees' attention away from fraudulent wire and ACH transactions ranging from $180,000 to $2.1 million in attempted transfers

Rate this item
(0 votes)