Jump to content

Operation High Roller

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by InternetArchiveBot (talk | contribs) at 15:18, 4 March 2018 (Rescuing 1 sources and tagging 0 as dead. #IABot (v1.6.4)). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Operation High Roller was a series of fraud in the banking system in different parts of the world that used cyber-collection agents in order to collect PC and smart-phone information to electronically raid bank accounts.[1] It was dissected in 2012 by McAfee and Guardian Analytics.[2] A total of roughly $78 million was siphoned out of bank accounts due to this attack.[3] The attackers were operating from servers in Russia, Albania and China to carry out electronic fund transfers.[4]

Specifications

This cyber attack is described to have the following features:[5]

  • Bypassed Chip and PIN authentication.
  • Required no human participation.
  • Instruction came from cloud-based servers (rather than the hacker's PC) to further hide the identity of the attacker.
  • Included elements of "insider levels of understanding".
  • Banks in Europe, United States and Colombia were targeted.
  • Impacted several classes of financial institution such as credit unions, large global banks, regional banks, and high-net-worth individuals.

While some sources have suggested it to be an extension of man-in-the-browser attack[6] Operation High Roller is reported to have harnessed a more extensive level of automation distinguishing it from the traditional methods.[7]

See also

References