Menu
'Luuuk' banking malware may have stolen €500,000 in a week

'Luuuk' banking malware may have stolen €500,000 in a week

Kaspersky Lab says the professional criminal group behind the operation is very active

A European bank may have lost as much as €500,000 (US$682,000) in a week earlier this year, according to Kaspersky Lab, which analyzed data on a server used in attacks against online banking users in Italy and Turkey.

In a blog post Wednesday, the Russian security company didn't identify the bank or why it chose to reveal the possible theft six months later. The financial institution has been notified of the discovery, and Kaspersky said is in contact with law enforcement.

On Jan. 20, Kaspersky analysts discovered a command-and-control server for a piece of malware that executed so-called man-in-the-browser attacks on victims' computers. In that type of attack, malware intervenes during an online banking session and can manipulate or steal data.

Two days later, the fraudsters removed all of the "sensitive components" from the server, Kaspersky wrote. That indicates the cybercriminals may have known someone else was looking at it.

The fraud campaign was nicknamed "Luuuk" by Kaspersky after that name appeared in a file path of the server's administrator control panel. It appears the server managed the theft of funds from victims' accounts, automatically transferring the money to the accounts of "mules," or people who agree to receive the funds for a cut and transfer the bulk of the funds onward.

Server logs indicated that as much as €500,000 may have been transferred in a single week, wrote Kaspersky's Global Research and Analysis Team. The data indicated around 190 victims. Analysts also saw on the server descriptions of fraudulent transfers and the IBAN (international bank account number) numbers for victims and money mules.

Kaspersky hasn't seen a sample of the actual malware that was on victims' computers. But data on the server indicated it is similar in functionality to the infamous Zeus banking malware.

The Luuuk malware collected the logins and passwords of victims and one-time passcodes. Since one-time passcodes typically expire in a few minutes, this type of banking malware will use the code to quickly log into the victim's account.

The attackers checked the victim's balance and then conducted several fraudulent transactions automatically, likely "in the background of a legitimate banking session," the company wrote.

There are other indicators that the group is still very active, Kaspersky wrote, although it did not give further details.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags securityExploits / vulnerabilitiesmalwarekaspersky lab

Featured

Slideshows

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow Electronics introduced Tenable Network Security to local resellers in Sydney last week, officially launching the distributor's latest security partnership across Australia and New Zealand. Representing the first direct distribution agreement locally for Tenable specifically, the deal sees Arrow deliver security solutions directly to mid-market and enterprise channel partners on both sides of the Tasman.

Arrow exclusively introduces Tenable Network Security to A/NZ channel
Examining the changing job scene in the Kiwi channel

Examining the changing job scene in the Kiwi channel

Typically, the New Year brings new opportunities for personnel within the Kiwi channel. 2017 started no differently, with a host of appointments, departures and reshuffles across vendor, distributor and reseller businesses. As a result, the job scene across New Zealand has changed - here’s a run down of who is working where in the year ahead…

Examining the changing job scene in the Kiwi channel
​What are the top 10 tech trends for New Zealand in 2017?

​What are the top 10 tech trends for New Zealand in 2017?

Digital Transformation (DX) has been a critical topic for business over the last few years and IDC is now predicting a step change as DX reaches macroeconomic levels. By 2020 a DX economy will emerge and it will become the core of what New Zealand industries focus on. From the board level through to the C-Suite, Kiwi organisations must be prepared to think and act digital when the DX economy emerges in 2017.

​What are the top 10 tech trends for New Zealand in 2017?
Show Comments