Security firms McAfee and Guardian Analytics will release a report today showing how a group of thieves has stolen close to $78 million worldwide from personal bank accounts just in the past year. The culprits have modified versions of widely available malware (Zeus and SpyEye) and enabled them to transfer funds out of other people’s bank accounts to their own. Reuters has this ominous quote: “‘Someone designing this system has insider knowledge as to what the banks are looking for,’ said Dave Marcus, research director at Mcafee Labs.”
The malware usually ends up on a user’s computer after visiting an unsecure website that is either set up with the intention of infecting a computer or surreptitiously hiding underneath what looks like a legitimate site. Again from Reuters:
The programs already have used a technique called “web injection” to generate new entry fields when victims log on to any number of banks or other sensitive websites. Instead of seeing a bank ask for an account number and password, for example, a victimized user sees requests for both of those and an ATM card number. All that information is sent to the hacker, who signs in and transfers money to an accomplice’s account.
The withdraws are designed to be so incremental and miniscule that you won’t even notice them, but the researchers are reporting that at least one account had a withdraw of $130,000. Unless you walk around with a top hat and tails and decorate your face with a handsome, grey mustache, you’re probably going to notice $130,000. The break ins have been observed in the U.S. as well as throughout Europe and Latin America in over 60 different banks.
There’s a lot happening in the world. Through it all, Marketplace is here for you.
You rely on Marketplace to break down the world’s events and tell you how it affects you in a fact-based, approachable way. We rely on your financial support to keep making that possible.
Your donation today powers the independent journalism that you rely on. For just $5/month, you can help sustain Marketplace so we can keep reporting on the things that matter to you.