Sunday, June 25, 2017
Home / Malware / Malware Developers Targeting European SEPA payments network

Malware Developers Targeting European SEPA payments network

Operation High Roller, which was first detailed by researchers in mid-2012, was presumed to be waning, but new reports argue that cyber criminals are once more using automated client and server-side assaults to direct fund transfers to mule accounts, and in at least one case attempted a fraudulent transaction for a  around€61,000, which would have been a pretty good payday for the malware developers.

McAfee and Guardian Analytics had previously discovered the banking Trojans known as Zeus and SpyEye had been adapted for use in automated attacks that can bypass multi-factor authentication systems to target high-value bank accounts.

The assumption was that the technique was largely being abandoned after the exploits were publicly detailed by researchers, but evidence shows that the method is now being aimed accounts with access to the European SEPA payments network.

had previously came across the banking Trojans titled Zeus and SpyEye had been altered for use in automated attacks that can bypass multi-factor authentication systems to target high-value bank accounts.

The assumption was that the formula was largely being abandoned after the exploits were publicly detailed by researchers, but evidence establishes that the method is now being aimed at accounts with admittance to the European SEPA payments network.

The new operation utilizes the injection of a Concealed iFRAME tag to take over a victim’s account and automatically transfer finances without the attacker having to manually conduct the transaction applying a different system, as was most often the case in instances where Zeus and SpyEye have been utilized to exfiltrate account credentials and empty an account.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

New FastPOS malware targeting Point-of-Sale systems

Experts have disclosed a new category of malware, labeled “FastPOS,” that has the ability to quickly …