Cybercriminals Use Online Banking Fraud Automation Techniques

Cybercriminals combine traditional banking malware with server-hosted scripts to automate online bank fraud, researchers say.
By Lucian Constantin
News Jun 26th 2012

Cybercriminals attempted to steal at least US$75 million from high-balance business and consumer bank accounts by using sophisticated fraud automation techniques that can bypass two-factor authentication, according to a report released by antivirus firm McAfee and online banking security vendor Guardian Analytics.

The new fraud automation techniques are an advancement over the so-called man-in-the-browser (MitB) attacks performed through online banking malware like Zeus or SpyEye.

Banking malware has long had the ability to inject rogue content such as forms or pop-ups into online banking websites when they are accessed from infected computers. This feature has traditionally been used to collect financial details and log-in credentials from victims that could be abused at a later time.

However, attackers are increasingly combining malware-based Web injection with server-hosted scripts in order to piggyback on active online banking sessions and initiate fraudulent transfers in real time, McAfee and Guardian Analytics researchers said in their report.