“Project Blitzkrieg” Cyber-Attack Threatens Largest US Banks
WASHINGTON (CBS DC) — The threat of a massive cyber-attack on 30 of the largest U.S. banks has been confirmed by a recent report issued by the McAfee network security firm.
An October report from the RSA security firm got the attention of the online banking world with its announcement that a highly sophisticated Trojan had been developed that can funnel money from bank accounts at places such as Chase, Citibank, Wells Fargo, and PayPal, CNN reports.
The cybercriminal plan – known to McAfee and RSA as “Project Blitzkrieg” – has been successfully tested on at least 300 guinea pig U.S. bank accounts. The plan relies on cybercriminals “cloning” customers’ home computers so that security questions are not triggered as if the account is being accessed from an unrecognized location. After bypassing the third-party security questions, bank withdrawal limits are evaded by having hundreds of different cybercriminals making simple, small withdrawals in order to avoid the withdrawal alerts.
“Project Blitzkrieg” started as a large-scale cybercriminal recruiting plan that promised a cut of the stolen account money in exchange for the hackers’ talent and skills.
The project was linked back to two Russian cybercriminals nicknamed, “NSD.” They asked their recruits to infect US computers with malware, clone the computers, and then remove funds using stolen usernames and passwords.
And while the plan has been considered a serious threat by McAfee and other security firms, leading security researcher Brian Krebs was able to link it to NSD in just a matter of days. They believe that shining a light on the scheme is a great first step to stifling its execution.
“NSD has effectively disappeared from chat forums,” Krebs told CNN.
“I can’t find him anywhere,” Krebs told CNN. “Either bringing this to light scuttled any plans to go forward, or it’s still moving ahead cautiously under a much more protective cover.”
The banks also stated that they are being proactive in their defense against such attacks.
“Security is core to our mission and safeguarding our customers’ information is at the foundation of all we do,” said Wells Fargo spokeswoman Sara Hawkins told CNN. “We constantly monitor the environment, assess potential threats, and take action as warranted.”