I just came back from RSA Conference Europe, which – as always – is an amazing time of the year. One particular perk of this event was the public display of the
Engima machine, believed by the German forces of Second World War to be impenetrable, and the story of Alan Turing who broke its codes.
The intelligence gathered following the breaking of the Enigma encryption was called
ULTRA and was one of Britain's greatest secrets. If you can monitor communications which the other side believes are completely secure, you should have a dramatic advantage.
One perfect example for this is the recent
FBI operation in DarkMarket, a renowned fraud forum. For years the FBI monitored operations on the forum and the result was the
arrest of 56 online fraudsters. This strikes fear, uncertainty and doubt among the thousands of remaining online criminals.
And today, another startling discovery was revealed.
In their Speaking of Security blog, the
RSA FraudAction Research Lab shared findings based on its tracking and research of what many would dub as the 'mother of all Trojans' in recent years.
Called Sinowal, and known also as Torpig and Mebroot, this particularly nasty Trojan is more than just a piece of crimeware. Like the Enigma, which was more than just an encryption device, it was a complete operational framework: highly resilient, highly
scalable, and extremely stealthy. Like the Enigma machine, it had several versions, each better than its predecessor.
The numbers behind Sinowal are nothing short of staggering.
The report says that Sinowal is triggered by 2,700 distinct websites globally, among them hundreds of financial institutions. This means that as soon as you enter such as website, the Sinowal Trojan hidden in your PC starts recording the session and submitting
it to the Trojan operators.
In the past three years it collected roughly 300,000 online banking accounts and a similar number of credit and debit cards. The RSA FraudAction Research Lab says it shared the findings with law enforcement agencies.
300,000 compromised accounts. Just to give you some perspective on how much big this number is, consider the fact that the average fraud per compromised account is over 2,000 pounds. Do the math.
It seems like the online fraud underground has had a rough month. The Americans call it October Surprise.