Operation High Roller

Operation High Roller was a series of fraud in the banking system in different parts of the world that used cyber-collection agents in order to collect PC and smart-phone information to electronically raid bank accounts.[1] It was dissected in 2012 by McAfee and Guardian Analytics.[2] A total of roughly $78 million was siphoned out of bank accounts due to this attack.[3] The attackers were operating from servers in Russia, Albania and China to carry out electronic fund transfers.[4]

Specifications

This cyber attack is described to have the following features:[5]

  • Bypassed Chip and PIN authentication.
  • Required no human participation.
  • Instruction came from cloud-based servers (rather than the hacker's PC) to further hide the identity of the attacker.
  • Included elements of "insider levels of understanding".
  • Banks in Europe, the United States and Colombia were targeted.
  • Impacted several classes of financial institution such as credit unions, large global banks, regional banks, and high-net-worth individuals.

While some sources have suggested it to be an extension of man-in-the-browser attack[6] Operation High Roller is reported to have harnessed a more extensive level of automation distinguishing it from the traditional methods.[7]

See also

References
  1. Rachael King (June 26, 2012). "Operation high roller targets corporate bank accounts". Wall Street Journal.
  2. "Operation high roller auto-targets bank funds". CNET News.
  3. "How exactly do cyber criminals steal $78 million?". Time magazine (online) Business and Money. July 3, 2012.
  4. Danielle Walker (October 29, 2012). ""High roller" fraud campaign persists, origin revealed". SC Magazine. Archived from the original on 2012-11-01.
  5. Michael Rundle (June 26, 2012). "Operation high roller". Huffington Post.
  6. ""High roller" hacker attack is stealing hundreds of millions from the rich". DailyTech. June 26, 2012. Archived from the original on 2012-06-30.
  7. "'Operation high roller' stole from the rich to give to unknown auto-mule crims in the cloud". The Register. June 27, 2012.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.