11 December 2016
Visit aciworldwide.com

Cybercrooks steal EUR500,000 from European bank

25 June 2014  |  5997 views  |  1 web spider

Cybercrooks used a Trojan to steal more than EUR500,000 in just one week from the customers of a European bank, says security firm Kaspersky Lab.

More than 190 customers, mostly from Italy and Turkey, of the unnamed bank had money stolen in the campaign, dubbed Luuuk, in January.

Kaspersky says that on 20 January it detected a command and control server which had evidence of the Trojan in its control panel. The server also had transaction logs containing information about which sums of money were taken from which accounts.

The Trojan enabled crooks to intercept financial data automatically with money stolen as soon as victims logged into their accounts. The money was then parcelled out to mules who cashed out at ATMs.

Kaspersky says that within two days of its discovery of the server, the gang removed every shred of evidence that might be used to trace them. However, the firm warns, this is unlikely to be the end of the Luuuk campaign.


Comments: (1)

Nikolaus Bayer
Nikolaus Bayer - IRIS Analytics GmbH - Neu-Isenburg | 30 June, 2014, 13:52

Yet another scary example of an instance of payment fraud as a result of criminals hacking consumers' PCs. Sadly this is unlikely to be the last, and of course it's particularly hard to predict what trojans organised criminals will come up with next. This does draw attention to the fact however that banks urgently need to employ an additional line of defence using real-time transaction monitoring for the growing transaction volumes through their online and mobile banking channels. Both because of the growing importance of these channels and as a vital means of reassuring customers of the security of their payment information. It's not rocket science - the industry needs to take action so that customers don't think twice before banking or shopping online.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Ransomware moves to the mobile - and it's after your banking data

Ransomware moves to the mobile - and it's after your banking data

17 June 2014  |  5502 views  |  0 comments | 9 tweets | 5 linkedin
Zeus-Carberp mashup Trojan targets banks

Zeus-Carberp mashup Trojan targets banks

29 May 2014  |  5460 views  |  0 comments | 6 tweets | 5 linkedin
Cyber gang plots coordinated Trojan attack on 30 US banks - RSA

Cyber gang plots coordinated Trojan attack on 30 US banks - RSA

05 October 2012  |  8868 views  |  0 comments
Russian security services bust notorious malware ring

Russian security services bust notorious malware ring

21 March 2012  |  6168 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
Find out morehttp://www.financialcrimerisk.fiserv.com/aml?r=finextraVisit VocaLink.com

Top topics

Most viewed Most shared
China tops world fintech rankingsChina tops world fintech rankings
8861 views comments | 39 tweets | 32 linkedin
EBA bends under weight of PSD2 mandatesEBA bends under weight of PSD2 mandates
8385 views comments | 37 tweets | 48 linkedin
Guesswork alone can crack Visa card security - Newcastle UniversityGuesswork alone can crack Visa card securi...
8086 views 12 comments | 15 tweets | 27 linkedin
PSD2 will transform the payments landscapePSD2 will transform the payments landscape
7356 views comments | 24 tweets | 13 linkedin
Fed Governor sounds warning on alternative credit scoring dataFed Governor sounds warning on alternative...
6938 views comments | 20 tweets | 24 linkedin

Featured job

to Six-Figure Base, Commission, Benefits
London, UK

Find your next job