Swedish Bank Taken for Over $1 Million by Cyber Crooks - InformationWeek
Business & Finance
06:01 PM
Connect Directly
Building Security for the IoT
Nov 09, 2017
In this webcast, experts discuss the most effective approaches to securing Internet-enabled system ...Read More>>

Swedish Bank Taken for Over $1 Million by Cyber Crooks

Customers were duped by a phishing scam coupled with a version of the Haxdoor Trojan installed on their computers.

Cyber crime apparently pays quite well. Swedish bank Nordea has acknowledged that about 250 of its online banking customers have been robbed of about 8 million Swedish kronor -- roughly $1.14 million dollars -- as a result of a targeted phishing campaign.

The attack took place over the past 15 months, according to Boo Ehlin, a spokesman for the bank. Swedish trade publication Computer Sweden reported that 121 people may have been involved in carrying out the attack, but Ehlin could not confirm that figure. The article identified Russian cyber thieves as being behind the attack.

The phishing e-mail was designed specifically to fool Nordea's online banking customers into downloading what was supposed to be an anti-spam application, according to computer security company McAfee. Those duped ended up with a version of the Haxdoor Trojan on their computers. The malware redirected them to a phony login page that captured their online banking user names and passwords.

"These types of Trojans are quite sophisticated," said David Marcus, security research and communications manager at McAfee Avert Labs. "It's not just something that's sitting in the background capturing screenshots. ...[T]hey're actually designed to wait for you to go to a specific financial institution, so they're not capturing everything."

"What they then do is redirect you to the fake Web site, which looks just like the real thing, and present you with what looks like a real login screen," explained Marcus. "There goes your account login, PIN, and money."

"The interesting thing is the bank actually did nothing wrong in this instance," said Marcus. "And this type of Trojan is something we run into a lot out in the wild. It's one of the largest classes of malware out there. So this attack is really nothing new. This particular one just happened to be a bit more successful than some of the ones we had seen."

Indeed, Nordea was hit with a similar attack in August 2005. The bank says it has almost 10 million customers, 4.6 million of whom bank online, in the Nordic and Baltic regions.

"We have reimbursed all the customers, so they will not take any loss," said Ehlin, who explained that the affected customers had outdated antivirus software or none at all. He said Nordea intended to make free antivirus software available to customers that don't have it already.

"It never ceases to amaze me that people will do online banking, exposing huge amounts of financial information, and not take basic precautions," said Marcus. "I was born in a really bad neighborhood and you're just taught to take certain precautions, like not walk down dark streets at night. And the Internet has to be approached the same way."

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll