Some U.S. companies unknowingly, may help to provide millions of dollars in illicit financing to companies in China.
A report (download PDF) from the FBI and the Financial Services Information Sharing and Analysis Center (FS-ISAC) this week warned small businesses and medium-sized businesses U.S. companies looking Account Control and fraudulent online Automated Clearing House (ACH) transactions.
The warning comes after a series of recent incidents in which the online bank accounts belonging to small and medium enterprises (SMEs) have diverted money from them has been stolen and taken to account for several seemingly legitimate businesses China's Heilongjiang province, along the border with Russia.
Between March and April, the FBI has identified at least 20 incidents in which cyber criminals have had access to credit for SMEs credentials such as usernames, passwords or tokens, and is used to transfer money electronically to accounts that " economic and trade enterprises in China, "the alert said.
The amounts of the illegal transfers ranged from $ 50,000 and $ 985,000, and most of amounts over $ 900,000.
Many companies that received money is registered in the port cities, such as Raoh, Fuyuan, Jixi City, xunk, and Tongjiang Dongning. The companies appear to be legally registered companies and are usually accounts of the Agricultural Bank of China, Industrial and Commercial Bank of China and Bank of China, the invitation to tender.
So far, the thefts have diverted $ 11 million in the accounts of SMB. In total, the thieves tried to steal $ 20 million SMEs in the past month, the alert said.
How takeover of online account are not new. FBI, FS-ISAC and NACHA, the organization that oversees the ACH network, issued a similar warning in the fall of 2009.
At the time, said the FBI several new cases were reported per week. In most cases, criminals use sophisticated strikes logging and Trojan horses to steal login information for company employees authorized to initiate fund transfers on behalf of their employers, said the FBI 2009 reports.
The warnings were applied on alert this week. Reports note that the malware used in recent attacks have not been identified in all cases, but at least some cases involved bank ZeuS trojan keylogger on Backdoor.bot and Spybot, Trojan horse IRC backdoor.
In addition, a victim reported being hit by malicious software that allowed hackers to completely erase the hard drive of the infected computer, before any investigation could be done, "said warning.
Alerts FBI has urged banks to inform customers if they know of transfers to Raoh, Fuyuan, Jixi City, Xunka or Dongning Tongjiang.
Avivah Litan, an analyst at Gartner, says banks must do more to protect against these attacks, especially because they are in a better position to tackle the problem.
"These attacks are the same techniques that were used a couple of years against the bank accounts of business and has recently received the company's systems and security companies," said Litan. "The attacks kept coming, like most banks have yet to gather sufficient defense.
There has been speculation that the Federal Republic Review Board of Financial Institutions (FFIEC), a standards organization for the financial sector may soon require banks to implement a stronger form of user authentication, but no action is taken.
A Gartner survey conducted in February found that many banks still rely on measures "blanks" of security, such as cookies and security issues to protect your online accounts, Litan said.
"Nearly two-thirds of banks to manage their fraud detection and customer authentication projects committee, which means that [safety] is always someone else's responsibility. It is therefore not surprising that the attacks were successful. "
A report (download PDF) from the FBI and the Financial Services Information Sharing and Analysis Center (FS-ISAC) this week warned small businesses and medium-sized businesses U.S. companies looking Account Control and fraudulent online Automated Clearing House (ACH) transactions.
The warning comes after a series of recent incidents in which the online bank accounts belonging to small and medium enterprises (SMEs) have diverted money from them has been stolen and taken to account for several seemingly legitimate businesses China's Heilongjiang province, along the border with Russia.
Between March and April, the FBI has identified at least 20 incidents in which cyber criminals have had access to credit for SMEs credentials such as usernames, passwords or tokens, and is used to transfer money electronically to accounts that " economic and trade enterprises in China, "the alert said.
The amounts of the illegal transfers ranged from $ 50,000 and $ 985,000, and most of amounts over $ 900,000.
Many companies that received money is registered in the port cities, such as Raoh, Fuyuan, Jixi City, xunk, and Tongjiang Dongning. The companies appear to be legally registered companies and are usually accounts of the Agricultural Bank of China, Industrial and Commercial Bank of China and Bank of China, the invitation to tender.
So far, the thefts have diverted $ 11 million in the accounts of SMB. In total, the thieves tried to steal $ 20 million SMEs in the past month, the alert said.
How takeover of online account are not new. FBI, FS-ISAC and NACHA, the organization that oversees the ACH network, issued a similar warning in the fall of 2009.
At the time, said the FBI several new cases were reported per week. In most cases, criminals use sophisticated strikes logging and Trojan horses to steal login information for company employees authorized to initiate fund transfers on behalf of their employers, said the FBI 2009 reports.
The warnings were applied on alert this week. Reports note that the malware used in recent attacks have not been identified in all cases, but at least some cases involved bank ZeuS trojan keylogger on Backdoor.bot and Spybot, Trojan horse IRC backdoor.
In addition, a victim reported being hit by malicious software that allowed hackers to completely erase the hard drive of the infected computer, before any investigation could be done, "said warning.
Alerts FBI has urged banks to inform customers if they know of transfers to Raoh, Fuyuan, Jixi City, Xunka or Dongning Tongjiang.
Avivah Litan, an analyst at Gartner, says banks must do more to protect against these attacks, especially because they are in a better position to tackle the problem.
"These attacks are the same techniques that were used a couple of years against the bank accounts of business and has recently received the company's systems and security companies," said Litan. "The attacks kept coming, like most banks have yet to gather sufficient defense.
There has been speculation that the Federal Republic Review Board of Financial Institutions (FFIEC), a standards organization for the financial sector may soon require banks to implement a stronger form of user authentication, but no action is taken.
A Gartner survey conducted in February found that many banks still rely on measures "blanks" of security, such as cookies and security issues to protect your online accounts, Litan said.
"Nearly two-thirds of banks to manage their fraud detection and customer authentication projects committee, which means that [safety] is always someone else's responsibility. It is therefore not surprising that the attacks were successful. "
