The information provided on this website does not, and is not intended to, act as legal, financial or credit advice; instead, it is for general informational purposes only. Information on this website may not be current. This website may contain links to other third-party websites. Such links are only for the convenience of the reader, user or browser; we do not recommend or endorse the contents of any third-party sites. Readers of this website should contact their attorney, accountant or credit counselor to obtain advice with respect to their particular situation. No reader, user, or browser of this site should act or not act on the basis of information on this site. Always seek personal legal, financial or credit advice for your relevant jurisdiction. Only your individual attorney or advisor can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation. Use of, and access to, this website or any of the links or resources contained within the site do not create an attorney-client or fiduciary relationship between the reader, user, or browser and website owner, authors, contributors, contributing firms, or their respective employers.
Credit.com receives compensation for the financial products and services advertised on this site if our users apply for and sign up for any of them. Compensation is not a factor in the substantive evaluation of any product.
A cyber gang specializing in ripping off online banking accounts has been successfully executing a multistep campaign to pull off six- and seven-figure heists from the accounts of small- and mid-size businesses, as well as large enterprises.
This intel comes from IBM Security in a report disclosing details of a gang using the Dyre family of malware, which has been widely used for routine man-in-the-middle attacks, by which the attacker manipulates online transactions.
This particular campaign, dubbed Dyre Wolf by IBM, has been conducted at a modest scale compared to the Carbanak cyber gang that has pilfered an estimated $1 billion from more than 100 banks globally, according to Kaspersky Lab. The Carbanak gang infiltrated bank networks, reprogrammed servers, and remotely triggered ATM machines to spit out cash.
The Dyre Wolf gang, by comparison, has been taking aim at small and mid-size businesses, doing intel to figure out who they bank with and what kind of transactions they do online, and then using a combination of techniques to trigger wire transfers of $500,000 to $1 million.
IBM did not estimate a total take for the Dyre Wolf gang, nor how many were hit. But the damage to the businesses, especially small and mid-size companies, obviously has been material, if not crippling.
Starting last year, these criminals began targeting people working in certain companies and sending them phishing emails crafted to get them to click on an attachment carrying a variant of the Dyre malware.
Dyre stays dormant until the victim navigates to a bank website. It then loads a spoofed page with a faked alert that the bank’s site is having problems. The victim is then instructed to call the displayed phone number.
An English-speaking operator—part of the criminal gang—is standing by with a script to talk the victim into divulging account details needed to quickly trigger a large wire transfer.
“One of the many interesting things with this campaign is that the attackers are bold enough to use the same phone number for each website and know when victims will call and which bank to answer as,” says IBM researcher John Kuhn. “This all results in successfully duping their victims into providing their organizations’ banking credentials.”
Image: iStock
October 19, 2023
Identity Theft and Scams
May 17, 2022
Identity Theft and Scams
May 20, 2021
Identity Theft and Scams