Forgot your password?
typodupeerror
Crime Security The Almighty Buck News Your Rights Online

Wanted: Hackers For Large-Scale Attacks On American Banks 77

Posted by timothy
from the just-leave-the-credit-unions-alone dept.
Trailrunner7 writes "RSA's FraudAction research team has been monitoring underground chatter and has put together various clues to deduce that a cybercrime gang is actively recruiting up to 100 botmasters to participate in a complicated man-in-the-middle hijacking scam using a variant of the proprietary Gozi Trojan. This is the first time a private cybercrime organization has recruited outsiders to participate in a financially motivated attack, said Mor Ahuvia, cybercrime communications specialist for RSA FraudAction. The attackers are promising their recruits a cut of the profits, and are requiring an initial investment in hardware and training in how to deploy the Gozi Prinimalka Trojan, Ahuvia added. Also, the gang will only share executable files with their partners, and will not give up the Trojan's compilers, keeping the recruits dependent on the gang for updates."
This discussion has been archived. No new comments can be posted.

Wanted: Hackers For Large-Scale Attacks On American Banks

Comments Filter:
  • the easiest marks (Score:5, Insightful)

    by Anonymous Coward on Saturday October 06, 2012 @12:51AM (#41566153)

    The attackers are promising their recruits a cut of the profits, and are requiring an initial investment in hardware and training

    as any confidence man could tell you, the best marks are those that think they are in on the scam...

    • by 93 Escort Wagon (326346) on Saturday October 06, 2012 @02:28AM (#41566385)

      May God the merciful grant you peace. You will be surprised to hear from me. I am MRS. HELENA SHOSTAKOVICH, widow of the late DMITRI SHOSTAKOVICH of hacker fame. My dear husband past away two weeks ago, leaving behind 1,500,000 credit card numbers worth THREE HUNDRED MILLIONS US DOLLARS. As I am unable to realize this sum here in Russia, I have been authorized to advance into your bank account FIVE MILLION DOLLARS for assistance in retrieving this funds. The requirement from you, to show you are an honest man of principle and good faith, is an insignificant small purchase of hardware from the following list: ...

      To avoid Putin's spies, I have retained agents in NIGERIA who will handle your transactions. Forward your credit card particulars to:

      Mr. JOHN MBUTU
      POST OFFICE WILL CALL
      LAGOS, NIGERIA

    • The attackers are promising their recruits a cut of the profits, and are requiring an initial investment in hardware and training

      as any confidence man could tell you, the best marks are those that think they are in on the scam...

      I second that thought. This sounds less like a serious recruitment and more like one of those "makes $5000 a month working from home" things.

    • by sjwt (161428)

      Subject is incorrect..

      Wanted: Hackers For Large-Scale Sting!

  • Compilers.. (Score:3, Interesting)

    by MnemonicMan (2596371) on Saturday October 06, 2012 @12:55AM (#41566165)
    Won't give up their "compilers" now will they.. Bastards, I'll drop in my version of GCC and show them! Er, ahem, I think the article means "source code." And even with that a determined reverse-engineering effort could negate that too..
  • by Anonymous Coward on Saturday October 06, 2012 @12:57AM (#41566175)

    Can I apply right now?

  • 1. sit on your ass
    2. mine bitcoins
    3. USD-based banks are DESTROYED! lol.
    I heard that's how it works, lol.
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      1. Start "recruiting" people for the diversion A, to keep the RSA's FraudAction research team, the media and (therefore) the government busy with that.
      2. Don't tell anyone about the real plan B.
      3. Select the best people from the group working on A, and bring them in on plan B.
      4. for the profit part: Do plan B before diversion A
      5. for the fun part: don't cancel diversion A, just watch it live on the news.

  • by dutchwhizzman (817898) on Saturday October 06, 2012 @01:30AM (#41566259)

    Why bother recruiting people if you can just hire bots, or herd your own? Why go for 100 small ones if just a few bigger ones will yield you the same number of victims?

    These seem like either very inexperienced criminals, or indeed, as someone else suggested, scammers that want to rip off botnet herders, not banks. You don't involve people in your gang if you don't absolutely need them. You don't train them, unless you absolutely need them to know things. The less people know as little as possible, the smaller the chance you will get caught. Causing a racket by recruiting up to 100 herders does not fit that MO.

    • by pitchpipe (708843)
      Mod parent up! These guys must be morons if they think that they can keep 100 people quiet about anything, let alone thinking that they wouldn't be infiltrated by law enforcement.
      • Die Hard 4 (Score:4, Funny)

        by 1u3hr (530656) on Saturday October 06, 2012 @03:12AM (#41566455)

        these guys must be morons if they think that they can keep 100 people quiet about anything

        Timothy Olyphant's character worked that out with his scheme in Die Hard 4.

        1) Hire 100 hackers
        2) use their code to crack every bank and utility at once
        3) kill the hackers.
        4) profit!

        Killing all his staff did leave him vulnerable to being tracked by Kevin Smith and taken down by a plucky former LAPD cop though.

    • +6 insightful (Score:2, Interesting)

      by Anonymous Coward

      It does sound like a hollywood plot. You wouldn't want 100 people giving away the secrets, and it's not necessary when hackers use computers.

      There's two sets of crooks involved here, one set are crooks trying to steal stuff, other set are crooks trying to get budget for security theatre. My guess is that this comes from the latter rather than the former.

    • by asifyoucare (302582) on Saturday October 06, 2012 @05:47AM (#41566781)

      Why bother recruiting people....

      Because there is no intention to hack a bank. The intention is to part gullible would-be hackers from their money.

  • Confusion (Score:5, Insightful)

    by DoofusOfDeath (636671) on Saturday October 06, 2012 @01:33AM (#41566263)

    I'm trying to remember, who are the bad guys here, the law-breaking, savings-stealing douchebags, or the guys running the botnet?

  • by Anonymous Coward on Saturday October 06, 2012 @02:11AM (#41566347)

    They should be hacking banks using OPEN SOURCE SOFTWARE and tools. (Strokes beard thoughtfully.) The use of proprietary, closed-source tools takes away from the common, computer using felon the ability to maintain his own malicious code.

    ~ Richard Stallman

  • Throw out a virtual net and pull 'em in. Maybe even pay out some money and recruit repeatedly. It might even attract the attention of the real 'gang'.

    • by gl4ss (559668)

      but that would be inciting, encouraging and enabling the crime - you can't just go around doing that if you're a honest law enforcement officer..

      oh shit wait we were talking about the fbi - yeah, they do that.

      • by FatLittleMonkey (1341387) on Saturday October 06, 2012 @07:17AM (#41566967)

        You don't arrest them for the crime you incite them to commit, it just allows you to identify and tag them. Then you monitor them for other illegal activities. That's what you arrest them for. (And by monitoring their communication, you can pick up other criminals that weren't attracted by the initial incitement. Allowing you to conduct coordinated international raids that take out entire networks. Also, you can find the few very best coders and recruit them. Possibly to work against their own government.)

        And if you really did unreasonably "incite" some of them, they won't commit other crimes, so they get away with it.

  • Ah, bullshit. (Score:5, Insightful)

    by Type44Q (1233630) on Saturday October 06, 2012 @05:51AM (#41566787)

    Bullshit: if this were really happening, this guy would not be aware of it.

  • by drinkypoo (153816) <martin.espinoza@gmail.com> on Saturday October 06, 2012 @06:11AM (#41566815) Homepage Journal

    Also, the gang will only share executable files with their partners, and will not give up the Trojan's compilers, keeping the recruits dependent on the gang for updates

    It's a trap! Who's that fucking stupid?

    • You largely underestimate a person's shortsightedness when the opportunity of possibly making lots money presents itself.
    • Maybe it's just a set up for the inevitable Iranian hackers destroyed our banking system and everyone's money is now gone. We must attack now while we are all broke and cranky.
  • Why are they engaging in such theatrics? So far, most banks in the US don't even use two factor authentication (no, it's not a panacea, but it helps, in particular against man in the middle attacks).

  • by advocate_one (662832) on Saturday October 06, 2012 @10:30AM (#41567637)
    on the banking system with the Iranians being blamed for it...
  • If triue, this is a hardened gang of criminals going after big money and not a few persons' savings. MITMA attacks do need the fastest hardware and as such seems plausible. I RTFA'd and found

    “This Trojan is not well known. This is not SpyEye or Citadel; it’s not available for everyone to buy,” Ahuvia said. “Security vendors and antivirus signatures are less likely to catch it or be familiar with it. It will be tricky for vendors to detect and block it. This gang is keeping a tight hold on the compiler. By only giving up executable files, they can control how any antivirus signatures are in the wild and keep unique signatures to a minimum.” Again seems plausible. OK

"In order to make an apple pie from scratch, you must first create the universe." -- Carl Sagan, Cosmos

Working...