[ISN] 'Sleeper bugs' used to steal .1m in France

InfoSec News isn at c4i.org
Wed Feb 8 03:20:05 EST 2006


Kim Willsher in Paris
February 7, 2006
The Guardian 

Russian thieves have stolen more than .1m (£680,000) from personal 
bank accounts in France using "sleeper bugs" to infect computers. 
French authorities claim the thieves can take control of and empty a 
bank account in seconds. In one hit, a bank customer lost .40,000. 

Police say the virus is embedded in emails or websites and remains 
dormant until the user contacts their bank online. When that happens, 
the bug becomes active and records passwords and bank codes which are 
then forwarded to the thieves. They then use the information to check 
the victim has money in the bank before transferring funds to the 
accounts of third parties, known as mules, who may have agreed to 
allow money to pass through their accounts in return for a commission 
of between 5% and 10%.

Police claim this is set up through fictitious companies, including 
one American firm named World Transfer, although the mules could be 
unaware that their computers are being used for theft.
A dozen Russian thieves, described by police as being typically aged 
between 20 and 30, and several Ukrainian masterminds of the scam have 
been arrested in Moscow and St Petersburg.

The authorities were alerted in November 2004, when a bank customer 
noticed a large sum missing from his account. This was followed by 
other reports of theft all over France. In 11 months, the thieves had 
stolen .1m.

Nicolas Woirhaye, a security expert, said the French authorities were 
alerted to scams every three weeks. He said the best way to beat 
pirates was to use up-to-date anti-virus software.

"All the French victims were trapped because they didn't have any 
[computer] protection," he said.

More information about the ISN mailing list