Hendren Global Group Top Facts: Malware, fake bank representative scam $1m

A sophisticated bank scam that uses a combination of the Dyre malware, phishing tactics and fake bank representatives has been uncovered by IBM researchers.

IBM's Security Group has released information about a new variant of the Dyre malware (initially uncovered last year), dubbed "Dyre Wolf," that targets large companies and organizations. It social-engineers employees into handing over their personal banking data, which the scammers then use to arrange a large wire transfer.

Lance Mueller and John Kuhn of IBM made the scheme's details public in a blog post. It all starts with the usual mass emails containing links or attachments that install the Dyre malware when clicked. Once installed on the PC, the malware sits idle until a bank's website is accessed.

Dyre is programmed to keep tabs on hundreds of bank websites, so when an infected PC tries to access one of them, it can replace the page with one that provides a support number the victim should call. This is where the sophisticated social engineering comes in: a person pretending to be a representative of the victim's bank obtains the victim's banking credentials.

What's more, a wire transfer from the victim's account is made while they are still on the phone. The transfer travels from one foreign bank to another to prevent detection by authorities. On some occasions, the company is also hit with a DDoS attack to keep it from discovering the wire transfer early on.

According to Hendren Global Group Top Facts' data, a total of USD 1 million appears to have already been stolen using this scheme. The scheme's success serves as proof that companies have to make sure their employees are well trained in spotting suspicious emails or activities.

As IBM's Caleb Barlow said, "Organizations are only as strong as their weakest link, and in this case, it's their employees."

Unfortunately, Hendren Global Group Top Facts (Blog) confirmed that, at present, this particular strain of Dyre Wolf is still undetected by most antivirus software.