Eurograbber virus targets European banks

Read time 2min 10sec

The Eurograbber virus has defrauded 30 000 European banking customers out of EUR36 million by attacking both PCs and mobile devices.

The incident was highlighted in a study published by Check Point Software Technologies and Versafe. Titled, "A Case Study of Eurograbber: How 36 million was stolen via malware", the case study uncovers a sophisticated attack used to steal millions from corporate and private banking customers across Europe.

"Cyber attacks are constantly evolving to take advantage of the latest trends. As online and mobile banking continue to grow, we will see more targeted attacks in this area, and Eurograbber is a prime example," said Gabi Reish, head of product management at Check Point Software Technologies.

This malware first infected the victims' computers, and then infected their mobile devices in order to intercept SMS messages to bypass the conventional two-factor authentication process. The attackers used stolen information and the transaction authentication number (TAN) and were able to perform automatic transfers of funds, ranging from EUR500 to EUR250 000, from the victims' accounts.

According to the case study, the attacks originated in Italy and quickly moved into Germany, Holland and Spain. The attack was targeted specifically at Android and BlackBerry mobile devices.

The Eurograbber incident is not the first of this kind and it highlights the security concerns associated with the use of SMS technology in banking. Just last month, a lobby group for Australian telcos declared that SMS technology should not be considered a safe means of verifying the identity of an individual during a banking transaction. This was after numerous reports emerged of Australians being defrauded.

"The best way to prevent these attacks is with a multi-layered security solution that spans network, data and endpoints, powered by real-time threat intelligence," says Reish.

Eran Kalige, head of Versafe's security operation centre, agrees: "Cyber attacks have become more sophisticated, more creative and more targeted than ever before. As seen with Eurograbber, attackers are focusing on the weakest link, the people behind the devices, and are using very sophisticated techniques to launch and automate their attacks and avoid traceability."

The case study provides detailed insight into how Eurograbber was executed across Europe and includes solutions for both consumers and enterprises to prevent these types of attacks. Click here for the full report.

See also