By Andy McCue, 19 January 2007 16:10
NEWS
Russian hackers have stolen €800,000 from Sweden's largest bank Nordea after a sophisticated phishing attack tricked some of its internet customers into downloading a Trojan horse that recorded their account login details.
The first attack took place in August 2006 and was detected a month later. Around 250 of Nordea's customers have been hit by the attack to date.
Hackers targeted the bank's customers with emails purporting to be from Nordea that told them to download an anti-spam tool. But those who downloaded the attachment were infected by the Trojan 'haxdoor.ki'.
The malicious software activates itself when the customer tries to log on to Nordea's internet banking service and displays an error message asking the customer to re-enter their login information, which is then recorded and sent to servers belonging to the hackers.
Swedish police have traced the attacks to Russia, via servers in the US, and have arrested more than 100 middlemen in Sweden already, the bank said.
A Nordea spokesman confirmed the attacks are ongoing but told silicon.com they have "quietened down" after the initial influx last autumn.
He said: "This is ongoing. We have compensated all the customers in full. We are constantly looking at the security of our online banking and many different measures are taken. We are updating our systems behind the scenes."
He added that these are broad-based attacks and that phishing is a global phenomenon.
Comments
There are 4 comments. Join the discussion
1. John Ray
Hats off to Nordea for their openness in admitting their customers were victims of a scam.
Their customers were fortunate to have been fully compensated.
2. anonymous
They should stop pussy-footing about and execute them when they find them. Stuff the Human Right Act.
3. anonymous
There's something wrong with the numbers in this story. EUR 800,000 -the published loss - is not much more than half a million in ordinary smackers. Divided up among the 100 Swedish middlemen apparently arrested and assorted unidentified principals in Russia and it doesn't come to much per head. An amusing little prank perhaps but not much like a really significant heist. Our old train robbers did much better than that.
4. anonymous
There is something not quite right with this story, for example the social engineering emails were sent out last year asking the bank’s customers to download this anti-spyware application (now known to be a Trojan). Didn’t the bank know that hundreds of it’s customers were downloading an application that they had supposedly asked them to.
If that is the case, and I suspect it is, then I am not surprised that the bank compensated it’s customers so quickly. I guess the bank knew their customers were getting this new “anti-spyware” but failed to look into it until money started to vanish from their customer’s accounts.