[ISN] 'Sleeper bugs' used to steal .1m in France
isn at c4i.org
Wed Feb 8 03:20:05 EST 2006
Kim Willsher in Paris
February 7, 2006
Russian thieves have stolen more than .1m (£680,000) from personal
bank accounts in France using "sleeper bugs" to infect computers.
French authorities claim the thieves can take control of and empty a
bank account in seconds. In one hit, a bank customer lost .40,000.
Police say the virus is embedded in emails or websites and remains
dormant until the user contacts their bank online. When that happens,
the bug becomes active and records passwords and bank codes which are
then forwarded to the thieves. They then use the information to check
the victim has money in the bank before transferring funds to the
accounts of third parties, known as mules, who may have agreed to
allow money to pass through their accounts in return for a commission
of between 5% and 10%.
Police claim this is set up through fictitious companies, including
one American firm named World Transfer, although the mules could be
unaware that their computers are being used for theft.
A dozen Russian thieves, described by police as being typically aged
between 20 and 30, and several Ukrainian masterminds of the scam have
been arrested in Moscow and St Petersburg.
The authorities were alerted in November 2004, when a bank customer
noticed a large sum missing from his account. This was followed by
other reports of theft all over France. In 11 months, the thieves had
Nicolas Woirhaye, a security expert, said the French authorities were
alerted to scams every three weeks. He said the best way to beat
pirates was to use up-to-date anti-virus software.
"All the French victims were trapped because they didn't have any
[computer] protection," he said.
More information about the ISN