Keyloggers Foiled In Attempted $423 Million Bank Heist - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News
News
3/17/2005
01:46 PM
50%
50%

Keyloggers Foiled In Attempted $423 Million Bank Heist

British authorities stymied a massive bank heist that reportedly was dependent on a keylogger, the same kind of spyware that has jumped three-fold in the last year and puts consumers at risk from hackers and phishers.

British authorities stymied a massive bank heist that reportedly was dependent on a keylogger, the same kind of spyware that has jumped three-fold in the last year and puts consumers at risk from hackers and phishers.

According to reports in the British media from the BBC and the Financial Times, among others, the scheme was set to steal 220 million pounds ($423 million) from the London offices of the Japanese bank Sumitomo Mitsui. The National Hi-Tech Crime Unit (NHTCU), the country's cyber-cops, began investigating last October after the bank discovered that hackers had infiltrated its network and were using a keylogger to capture keystrokes.

Keyloggers, a type of spyware, are used by hackers and increasingly, by phishers, to snatch users account information--such as log-in names and passwords--and grab other lucrative data, including credit card numbers.

Police arrested an Israeli man, identified as Yeron Bolondi, 32, in Israel after an attempt was made to transfer 13.9 million pounds ($26.8 million) into an account there. All told, the gang was planning to transfer the $423 million to 10 different bank accounts, said police.

Bolondi appeared in a Tel Aviv district court early Thursday, and was charged with attempted money laundering and deception. He will be kept in custody for at least a week as police continue their investigation.

If it had been successful, the robbery would have dwarfed Britain's previous record, the armed theft of £26 million ($50 million) from Belfast's Northern Bank in December, a crime thought to have been conducted by the IRA.

The NHTCU would not confirm whether the keylogger was planted by an inside accomplice, or inserted by hackers working outside the bank's network.

"From what we know from our SpyAudit data, there's a good chance this wasn't even a planned attack," said Richard Stiennon, the vice president of threat research for Boulder, Colo.-based anti-spyware vendor Webroot.

According to Webroot's SpyAudit, a for-free spyware auditing tool it makes available on its own site as well as to EarthLink subscribers, 15 percent of enterprise PCs tested have a keylogger already installed.

"They could've gotten a keylogger onto the bank's network by tricking an employee [in a phishing-style scam] or walking into the bank and sitting at an employee's terminal," said Stiennon. "But why Sumitomo? Why not a bigger bank, like Barclays? It may be because they broke into the network another way and only then noticed that a machine was already infected with a keylogger.

"It reminds me of how Microsoft was hacked back in 2004, when a Microsoft developer's home computer lead the hackers into Microsoft. The same thing may have happened here, where the thieves recognized that they'd hit the mother lode by stumbling across the keylogger-infected system."

Keylogger infections have exploded in the last year. British security firm Sophos said that the number of keyloggers it's spotting daily has jumped three-fold in the past 12 months.

"It all comes back to this ongoing trend of more and more malicious code being developed with keyloggers," said Gregg Mastora, a senior security analyst with Sophos. Criminals have pushed especially hard the last three to four months. "Clearly, [they've] upped their efforts online," he added. "A keystroke logger is just like a thief looking over your shoulder as you type in your PIN at the ATM. Except in this case, you never leave the 'security' of your own home, and neither does the thief."

Webroot's numbers are a bit more conservative, said Stiennon, but still show a big jump in keyloggers. Its audit reports, he said, have shown a doubling of keylogger prevalence on PCs, from about 8 percent 12 months ago to 15 percent today.

Both Stiennon and Mastora warned that the foiled robbery in Britain should be a wake-up call to everyone.

"A good percentage of the online community continues to put themselves at risk by accessing the Internet while being unprotected by up-to-date protection software," said Mastora.

"I think this is just the tip of the iceberg," said Stiennon. "When you hear of a bank foiling an attempt, it's almost always the case that [successful] hacks have already occurred."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
News
The State of Chatbots: Pandemic Edition
Jessica Davis, Senior Editor, Enterprise Apps,  9/10/2020
Commentary
Deloitte on Cloud, the Edge, and Enterprise Expectations
Joao-Pierre S. Ruth, Senior Writer,  9/14/2020
Slideshows
Data Science: How the Pandemic Has Affected 10 Popular Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/9/2020
Register for InformationWeek Newsletters
Video
Current Issue
IT Automation Transforms Network Management
In this special report we will examine the layers of automation and orchestration in IT operations, and how they can provide high availability and greater scale for modern applications and business demands.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll