Search results for:
According to a recent article published on the Computer Weekly website, security researchers at Kaspersky Lab recently discovered a breach at a European bank where hackers "drained_" approximately "_€500,000 from more than 190 customers_" accounts. According to the report, the theft, _codenamed "Luuuk" by Kaspersky, "_is believed to have been running for a week when the C&C server was discovered. According to the article,_" Kaspersky did not announce the bank's name but confirmed that "_amounts stolen ranged from €1,700 to €39,000._"
The article indicated that researchers at the security firm revealed that "_most of the victims were in Italy and Turkey_" according to the logs from the command and control (C&C) server the hackers used in the attack. The Computer Weekly report notes that "_the C&C server was shut down and wiped_" within two days of discovery. Unfortunately, Kaspersky feels that the "_shut down_" may be a "_change in infrastructure rather than the end of the operation._"
Kaspersky's principal security researcher Vicente Diaz was quoted in the article to say, "Soon after we detected this C&C server, we contacted the bank's security service and the law enforcement agencies, and submitted all our evidence to them\. " The research team believes, according to the_ article, that the attackers "_intercepted financial data and carried out fraudulent transactions_" immediately following the login of online bank customers using a technique known as "_man-in-the-browser\. " Diaz was also quoted in the_ article to say, "_On the C&C server we detected, there was no information as to which specific malware program was used in this campaign."
Written by Bryon Turcotte / June 26, 2014