Professional trojan targets SEPA transactions
Cyber-criminals are targeting the European SEPA payments network, according to a report from security specialist McAfee. Within the EU, SEPA transactions are uncomplicated because they make no distinction between domestic and cross-border transactions. In this case, that also benefits the online crooks who usually transfer money from the victim's account to foreign bank accounts.
The report says the malware involved is part of "Operation High Roller" where criminals extracted large sums from business accounts. Unlike traditional online banking fraud, which uses trojans such as ZeuS and SpyEye, the crooks infect only a small number of specific specialist computers with malware in order to get at money. This reduces the risks of detection considerably. In the current case, the scam only infected about a dozen customers.
Examination of log entries from the control panels of the command server showed that at least one of the banks being targeted would have seen an estimated €61,000 of attempted SEPA transactions to mule accounts. Some of the bank accounts under attack had over €50,000 reported as their account balance. McAfee concludes that the High Rollers are becoming more sophisticated as they look for new ways to attack, but their current haul is quite small compared to the €60 million they attempted to steal at the start of the year.