A new attack called Eurograbber recently stole an estimated 36+ million Euros from more than 30,000 bank customers across Europe. The attacks began in Italy, and soon after, tens of thousands of infected online bank customers were also detected in Germany, Spain, and Holland.
The attack involved a sophisticated combination of malware directed at the computers and mobile devices of banking customers. The malware, in conjunction with the attackers’ command and control server, first infected the victims’ computers via a malicious link, and then, infected their mobile devices in order to intercept SMS messages to bypass the banks’ two-factor authentication process. The attack employed a new and very successful variation of the ZITMO, or Zeus-In-The-Mobile Trojan.
With their computer and mobile device compromised, every time a bank customer logged into their bank account, Eurograbber initiated a transfer of funds out of the customer account and into a “mule” account. The attackers validated the transfer with the intercepted transaction authentication number (TAN) to complete the illicit transaction.
The Eurograbber attack targeted online banking customers and not the banks themselves. To protect against attacks like Eurograbber, follow these tips:
• Update your computer – Regularly updating your computer and all software is one of the simplest, yet most important, ways to protect your computer. Attackers consistently look to exploit known security flaws so a critical preventative measure is to regularly update your operating system, Adobe, Java, Internet browser, and other tools or programs used for downloading files or web surfing. Doing so ensures the most current vendor patches and security signatures are applied thus providing the most current security available.
• Never respond to unsolicited emails – An email directing banking customers to “click on a link” is the key that opened Pandora’s Box and began the Eurograbber attack. Known as “phishing” emails, if the banking customer recognizes the email as unsolicited and does not click on the link, their desktop will not be infected and the Eurograbber attack will not occur. It is very important to never respond to unsolicited emails from your financial institutions. If the message is concerning to you, contact the institution directly.
• Use Security Software – Make sure you are protecting your computer with the latest security software. There are a wide variety of free and paid security solutions out there from which to choose. But at a minimum, pick a solution that has antivirus software and a two-way firewall. Without minimum protection, you leave yourself highly vulnerable to online attacks.