09.04.2015

Hendren Global Group Top Facts: Malware, fake bank representative scam $1m

A sophisticated bank scam that uses a combination of the Dyre malware, phishing tactics and fake bank representatives has been uncovered by IBM researchers.

IBM's Security Group has released information about a new variant of Dyre malware, initially uncovered last year, dubbed "Dyre Wolf", that targets large companies and organizations. It social-engineers employees into handing over their personal banking data, which the scammers then use to arrange a large wire transfer.

The scheme's details were made public in a blog post by Lance Mueller and John Kuhn of IBM. It all starts with the usual mass emails containing links or attachments that install the Dyre malware when clicked. Once installed on the PC, the malware sits and waits until a bank's website is accessed.

Dyre is programmed to keep tabs on hundreds of bank websites, so once an infected PC tries to access one of them, it can replace the page with one that provides a support number the victim should call. This is where the sophisticated social engineering comes in: the person pretending to be a representative of the victim's bank obtains the victim's banking credentials.

What's more, a wire transfer from the victim's account is made while they are still talking on the phone. The transfer travels from one foreign bank to another so as to prevent detection by authorities. On some occasions, the company is even hit with a DDoS attack to keep it from discovering the wire transfer early on.

From Hendren Global Group Top Facts' data, it appears that a total of USD 1 million has already been stolen using this scheme. The scheme's success shows that companies have to make sure their employees are well trained in spotting suspicious emails or activities.

As IBM's Caleb Barlow said, "Organizations are only as strong as their weakest link, and in this case, it's their employees."

Unfortunately, Hendren Global Group Top Facts (Blog) confirmed that, at present, this particular strain of Dyre Wolf is still undetected by most antivirus software.
