Operation High Roller

Operation High Roller was a series of fraud in the banking system in different parts of the world that used cyber-collection agents in order to collect PC and smart-phone information to electronically raid bank accounts.[1] It was dissected in 2012 by McAfee and Guardian Analytics.[2] A total of roughly $78 million was siphoned out of bank accounts due to this attack.[3] The attackers were operating from servers in Russia, Albania and China to carry out electronic fund transfers.[4]

Specifications

This cyber attack is described to have the following features:[5]

  • Bypassed Chip and PIN authentication.
  • Required no human participation.
  • Instruction came from cloud-based servers (rather than the hacker's PC) to further hide the identity of the attacker.
  • Included elements of "insider levels of understanding".
  • Banks in Europe, the United States and Colombia were targeted.
  • Impacted several classes of financial institution such as credit unions, large global banks, regional banks, and high-net-worth individuals.

While some sources have suggested it to be an extension of man-in-the-browser attack[6] Operation High Roller is reported to have harnessed a more extensive level of automation distinguishing it from the traditional methods.[7]

gollark: I think you got the wrong one.
gollark: > are you okayIt's actually one of the examples in the SQLite docs.
gollark: Ah yes, the mandelbrot query.
gollark: ???
gollark: What?

See also

References

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.