Earlier today Guardian Analytics and McAfee released a joint fraud report, “Dissecting Operation High Roller,” that describes a new breed of sophisticated fraud attacks. The advanced methods discovered in Operation High Roller show fraudsters moving toward cloud-based servers with multi-faceted automation in a global fraud campaign.
Building on established Zeus and SpyEye tactics, this ring adds many breakthroughs: bypasses for physical “chip and pin” authentication, automated mule account databases, server-based fraudulent transactions, and attempted transfers to mule business accounts as high as ?100,000 ($130,000 USD). Where Europe has been the primary target for this and other financial fraud rings in the past, our research found the thefts spreading outside Europe, including the United States and Colombia.
What are the key points about the attacks?
– Shift from traditional Man-in-the-Browser attacks on the victim’s PC to server side automated attacks. Criminals have moved from multi-purpose botnet servers to using servers purpose-built and dedicated to processing fraudulent transactions
– Global – started in Europe, moved to Latin America and recently to the US
– Impacting commercial accounts and high net-worth individuals
– Impacting financial institutions of all sizes
What is the impact of this new fraud methodology?
– Criminals can move faster
– A wide variety and level of dollar transactions can be attempted
– Purpose built, multiple strategy approach helps avoid detection
– By avoiding detection, the servers can stay live longer
Download the report in its entirety here. A detailed knowledge base article and other documents will be released later today as well.
Leave a reply