Operation High Roller
Operation High Roller was a series of fraud in the banking system in different parts of the world that used cyber-collection agents in order to collect PC and smart-phone information to electronically raid bank accounts.[1] It was dissected in 2012 by McAfee and Guardian Analytics.[2] A total of roughly $78 million was siphoned out of bank accounts due to this attack.[3] The attackers were operating from servers in Russia , Albania and China to carry out electronic fund transfers.[4]
Specifications
This cyber attack is described to have the following features:[5]
- Bypassed Chip and PIN authentication.
- Required no human participation.
- Instruction came from cloud-based servers (rather than the hacker's PC) to further hide the identity of the attacker.
- Included elements of "insider levels of understanding".
- Banks in Europe, the United States and Colombia were targeted.
- Impacted several classes of financial institution such as credit unions, large global banks, regional banks, and high-net-worth individuals.
While some sources have suggested it to be an extension of man-in-the-browser attack[6] Operation High Roller is reported to have harnessed a more extensive level of automation distinguishing it from the traditional methods.[7]
See also
- Bundestrojaner
- Cyber-collection
- Duqu
- Flame
- Guardian Analytics
- McAfee
- Stuxnet
References
- ↑ Rachael King (June 26, 2012). "Operation high roller targets corporate bank accounts". Wall Street Journal. https://blogs.wsj.com/cio/2012/06/26/operation-high-roller-targets-corporate-bank-accounts/.
- ↑ "Operation high roller auto-targets bank funds". CNET News. http://news.cnet.com/8301-1009_3-57460326-83/operation-high-roller-auto-targets-bank-funds/.
- ↑ "How exactly do cyber criminals steal $78 million?". Time magazine (online) Business and Money. July 3, 2012. http://business.time.com/2012/07/03/how-exactly-do-cyber-criminals-steal-78-million/.
- ↑ Danielle Walker (October 29, 2012). ""High roller" fraud campaign persists, origin revealed". SC Magazine. http://www.scmagazine.com/high-roller-fraud-campaign-persists-origin-revealed/article/265641/.
- ↑ Michael Rundle (June 26, 2012). "Operation high roller". Huffington Post. http://www.huffingtonpost.co.uk/2012/06/26/operation-high-roller-mcafee_n_1626521.html.
- ↑ ""High roller" hacker attack is stealing hundreds of millions from the rich". DailyTech. June 26, 2012. http://www.dailytech.com/High+Roller+Hacker+Attack+is+Stealing+Hundreds+of+Millions+From+the+Rich/article25026.htm.
- ↑ "'Operation high roller' stole from the rich to give to unknown auto-mule crims in the cloud". The Register. June 27, 2012. https://www.theregister.co.uk/2012/06/27/automated_banking_scam.
External links
- Dissecting operation high roller on McAfee/Guardian Analytics report
- Operation high roller on CNN Money
- Operation high roller on Fox News report
- Operation high roller on Yahoo Finance
- Operation high roller revisited
 |  |
