The RSA put out an advisory Thursday, which said it has data indicating the gang plans to unleash a little-known Trojan to penetrate computers belonging to U.S. banking customers and to use the hijacked machines to start fraudulent wire transfers from their accounts.
If prosperous, the effort could turn out to be one of the greatest coordinated banking-Trojan operations to date, Mor Ahuvia, cybercrime communications specialist with RSA’s FraudAction team, said today.
The gang is at present recruiting about 100 botmasters, each of whom would be responsible for accomplishing Trojan attacks against U.S. banking customers in return for a share of the loot, she said.
Each botmaster will be backed by an “investor” who will provide income to buy the hardware and software needed for the attacks, Ahuvia alleged.
“This is the first time we are seeing a financially motivated cyber crime operation being orchestrated at this scale,” Ahivia said. “We have seen DDoS attacks and hacking before. But we have never seen it being organized at this scale.”
