Massive fraud campaign sees millions vanish from online bank accounts

News
By published

Fraudsters used mobile emulators to gain access to funds

Fraud
(Image credit: Shutterstock / Sapann Design)

Researchers have uncovered an extensive fraud campaign that saw millions of dollars drained from victims’ online bank accounts.

The operation was discovered by experts at IBM Trusteer, the IT giant’s security division, who described the attack as unprecedented in scale.

To gain access to online banking accounts, the fraudsters are said to have utilized a piece of software known as a mobile emulator, which creates a virtual clone of a smartphone.

In this case, thousands of these emulated devices were used to infiltrate online banking accounts that had already been compromised in earlier malware and phishing attacks.

Having bypassed protections using GPS and VPN techniques and by simulating device identifiers attached to each account, the hackers were able to execute money orders that funnelled funds out of accounts.

Online banking fraud

Mobile emulation applications have various legitimate use cases, primarily in application development and pen testing, but can also be abused by cybercriminals. In this case, a large network of emulators were used to execute financial fraud on a mass scale.

“In some cases, over 20 emulators were used in the spoofing of well over 16,000 compromised devices. The attackers use these emulators to repeatedly access thousands of customer accounts and end up stealing millions of dollars in a matter of just a few days,” wrote Shachar Gritzman and Limor Kessman, researchers at Trusteer.

According to the pair, the attackers were careful to keep transactions under amounts that might trigger further investigation and, after completing the attack, were careful to cover their tracks.

“Each time the system used a device in a successful transfer, it was ‘recycled’ and replaced by another, unused device. The same happened when a device was blocked by financial institutions,” the researchers added.

While there is little individuals can do to shield against mobile emulation attacks of this sophistication, the theft of funds could not have occurred if accounts had not been compromised in advance. Therefore, using a password manager to generate strong, unique passcodes and exercising caution when opening files delivered via email will go at least some way to keeping mobile users protected.

Joel Khalili
Joel Khalili
News and Features Editor

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Latest in Security
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Representational image depecting cybersecurity protection
GitLab has patched a host of worrying security issues
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
Abstract image of cyber security in action.
MassJacker malware targets those looking for pirated software
Latest in News
Super Mario Odyssey
ChatGPT is the ultimate gaming tool - here's 4 ways you can use AI to help with your next playthrough
Brad Pitt looks over his right shoulder with 'F1' written behind him
Apple Original Films will take you behind-the-scenes of a racing cockpit in this new thrilling F1 movie trailer
AI writer
Coding AI tells developer to write it himself
Reacher looking down at another character from the Prime Video TV series Reacher
Reacher season 3 becomes Prime Video’s biggest returning show thanks to Hollywood’s biggest heavyweight
Finger Presses Orange Button Domain Name Registration on Black Keyboard Background. Closeup View
I visited the world’s first registered .com domain – and you won’t believe what it’s offering today
Image showing detail of the Leica D-Lux 8
Still can't get a Fujifilm X100VI? This premium Leica compact costs less, and it's in stock
More about security
Data Breach

Thousands of healthcare records exposed online, including private patient information
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.

AI agents can be hijacked to write and send phishing attacks
Autonomous finance

Quickbooks vs Quicken: what are the main strengths and weaknesses for your business
See more latest
Most Popular
Finger Presses Orange Button Domain Name Registration on Black Keyboard Background. Closeup View
I visited the world’s first registered .com domain – and you won’t believe what it’s offering today
Super Mario Odyssey
ChatGPT is the ultimate gaming tool - here's 4 ways you can use AI to help with your next playthrough
Nokia 5G 360 Camera
This is the world's first 8K 5G 360 degrees camera - and it is also weatherproof
AI writer
Coding AI tells developer to write it himself
Data Breach
Thousands of healthcare records exposed online, including private patient information
Brad Pitt looks over his right shoulder with 'F1' written behind him
Apple Original Films will take you behind-the-scenes of a racing cockpit in this new thrilling F1 movie trailer
Google Messages update
Google Messages could soon follow WhatsApp with an upgrade that makes it much easier to join group chats
Reacher looking down at another character from the Prime Video TV series Reacher
Reacher season 3 becomes Prime Video’s biggest returning show thanks to Hollywood’s biggest heavyweight
Nvidia RTX 6000
Details of Nvidia's fastest video card ever leak; RTX Pro 6000 Blackwell GPU will have 96GB GDDR7 ECC memory
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks