Business & Finance
News
1/24/2007
06:01 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Swedish Bank Taken for Over $1 Million by Cyber Crooks

Customers were duped by a phishing scam coupled with a version of the Haxdoor Trojan installed on their computers.

Cyber crime apparently pays quite well. Swedish bank Nordea has acknowledged that about 250 of its online banking customers have been robbed of about 8 million Swedish kronor -- roughly $1.14 million dollars -- as a result of a targeted phishing campaign.

The attack took place over the past 15 months, according to Boo Ehlin, a spokesman for the bank. Swedish trade publication Computer Sweden reported that 121 people may have been involved in carrying out the attack, but Ehlin could not confirm that figure. The article identified Russian cyber thieves as being behind the attack.

The phishing e-mail was designed specifically to fool Nordea's online banking customers into downloading what was supposed to be an anti-spam application, according to computer security company McAfee. Those duped ended up with a version of the Haxdoor Trojan on their computers. The malware redirected them to a phony login page that captured their online banking user names and passwords.

"These types of Trojans are quite sophisticated," said David Marcus, security research and communications manager at McAfee Avert Labs. "It's not just something that's sitting in the background capturing screenshots. ...[T]hey're actually designed to wait for you to go to a specific financial institution, so they're not capturing everything."

"What they then do is redirect you to the fake Web site, which looks just like the real thing, and present you with what looks like a real login screen," explained Marcus. "There goes your account login, PIN, and money."

"The interesting thing is the bank actually did nothing wrong in this instance," said Marcus. "And this type of Trojan is something we run into a lot out in the wild. It's one of the largest classes of malware out there. So this attack is really nothing new. This particular one just happened to be a bit more successful than some of the ones we had seen."

Indeed, Nordea was hit with a similar attack in August 2005. The bank says it has almost 10 million customers, 4.6 million of whom bank online, in the Nordic and Baltic regions.

"We have reimbursed all the customers, so they will not take any loss," said Ehlin, who explained that the affected customers had outdated antivirus software or none at all. He said Nordea intended to make free antivirus software available to customers that don't have it already.

"It never ceases to amaze me that people will do online banking, exposing huge amounts of financial information, and not take basic precautions," said Marcus. "I was born in a really bad neighborhood and you're just taught to take certain precautions, like not walk down dark streets at night. And the Internet has to be approached the same way."

Comment  | 
Print  | 
More Insights
IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government Tech Digest Oct. 27, 2014
To meet obligations -- and avoid accusations of cover-up and incompetence -- federal agencies must get serious about digitizing records.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and community news at InformationWeek.com.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.