Close Menu
TechCentralTechCentral

    Subscribe to the newsletter

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Facebook X (Twitter) YouTube LinkedIn
    WhatsApp Facebook X (Twitter) LinkedIn YouTube
    TechCentralTechCentral
    • News

      Blue Label Telecoms to change its name as restructuring gathers pace

      11 July 2025

      Get your ID delivered like pizza – home affairs’ latest digital shake-up

      11 July 2025

      EFF vows to stop Starlink from launching in South Africa

      11 July 2025

      Apple plans product blitz to reignite growth

      11 July 2025

      Nissan doubles down on South Africa despite plant uncertainty

      11 July 2025
    • World

      Grok 4 arrives with bold claims and fresh controversy

      10 July 2025

      Bitcoin pushes higher into record territory

      10 July 2025

      Cupertino vs Brussels: Apple challenges Big Tech crackdown

      7 July 2025

      Grammarly acquires e-mail start-up Superhuman

      1 July 2025

      Apple considers ditching its own AI in Siri overhaul

      1 July 2025
    • In-depth

      Siemens is battling Big Tech for AI supremacy in factories

      24 June 2025

      The algorithm will sing now: why musicians should be worried about AI

      20 June 2025

      Meta bets $72-billion on AI – and investors love it

      17 June 2025

      MultiChoice may unbundle SuperSport from DStv

      12 June 2025

      Grok promised bias-free chat. Then came the edits

      2 June 2025
    • TCS

      TCS+ | MVNX on the opportunities in South Africa’s booming MVNO market

      11 July 2025

      TCS | Connecting Saffas – Renier Lombard on The Lekker Network

      7 July 2025

      TechCentral Nexus S0E4: Takealot’s big Post Office jobs plan

      4 July 2025

      TCS | Tech, townships and tenacity: Spar’s plan to win with Spar2U

      3 July 2025

      TCS+ | First Distribution on the latest and greatest cloud technologies

      27 June 2025
    • Opinion

      In defence of equity alternatives for BEE

      30 June 2025

      E-commerce in ICT distribution: enabler or disruptor?

      30 June 2025

      South Africa pioneered drone laws a decade ago – now it must catch up

      17 June 2025

      AI and the future of ICT distribution

      16 June 2025

      Singapore soared – why can’t we? Lessons South Africa refuses to learn

      13 June 2025
    • Company Hubs
      • Africa Data Centres
      • AfriGIS
      • Altron Digital Business
      • Altron Document Solutions
      • Altron Group
      • Arctic Wolf
      • AvertITD
      • Braintree
      • CallMiner
      • CambriLearn
      • CYBER1 Solutions
      • Digicloud Africa
      • Digimune
      • Domains.co.za
      • ESET
      • Euphoria Telecom
      • Incredible Business
      • iONLINE
      • Iris Network Systems
      • LSD Open
      • NEC XON
      • Network Platforms
      • Next DLP
      • Ovations
      • Paracon
      • Paratus
      • Q-KON
      • SevenC
      • SkyWire
      • Solid8 Technologies
      • Telit Cinterion
      • Tenable
      • Vertiv
      • Videri Digital
      • Wipro
      • Workday
    • Sections
      • AI and machine learning
      • Banking
      • Broadcasting and Media
      • Cloud services
      • Contact centres and CX
      • Cryptocurrencies
      • Education and skills
      • Electronics and hardware
      • Energy and sustainability
      • Enterprise software
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Lifestyle
      • Motoring
      • Public sector
      • Retail and e-commerce
      • Science
      • SMEs and start-ups
      • Social media
      • Talent and leadership
      • Telecoms
    • Events
    • Advertise
    TechCentralTechCentral
    Home » In-depth » The modern way to rob a bank

    The modern way to rob a bank

    By Editor30 July 2014
    Twitter LinkedIn Facebook WhatsApp Email Telegram Copy Link
    News Alerts
    WhatsApp

    hacker-640

    The number of physical robberies on banks has fallen dramatically in recent years, but the amount of money banks are losing through electronic methods has rocketed. In 2013, for example, the annual fraud indicator estimated the annual cost of fraud in the UK was £52bn what it was five years before. So it’s easy to put up CCTV cameras, bulletproof glass and alarm bells, but in an electronic world there are infinite ways to commit fraud.

    In fact, there are so many targets in an electronic world that criminals can focus their efforts on the customer, the bank or the merchant. With virtually no footprint at all, criminal gangs can install malware within any part of the e-commerce infrastructure and either steal user credentials or modify transactions. It may be tempting to see this as a victimless crime, but large-scale fraud can have serious implications on the global financial market, not to mention user trust.

    Individuals have been finding ways around electronic security for decades. Well known examples include John Draper (aka Captain Crunch), who in the 1970s used a whistle tuned to 2,6kHz that was given away in cereal packs to fool the pitch-controlled security system on the US telephone network, allowing him to make long-distance calls free of charge. Then there was Vladmir Levin, from Russia, who siphoned off millions from Citibank customers in the early 1990s by finding a way around their dial-up wire transfer service.

    These days, any “script kiddie” can create their own targeted attack on the finance system. You don’t need extensive programming skills or even a deep knowledge of how the e-commerce infrastructure works. A key target is the end user, since they tend to be the weakest link in the chain.

    The latest reminder came with the recent attacks on Boleto Bancário, the Brazilian inter-bank payment system, which were announced earlier this month. Known colloquially as Boleto, a vast amount of low-dollar transactions were hijacked by the latest malware, most probably set up by Brazilian organised crime gangs. With the theft amounting to nearly US$4bn, it could be the largest fraud in history.

    Boleto is the second most popular payment method in Brazil after credit cards and has around 18% of all purchases. It is typically used to pay phone and shopping bills. One reason it is popular is that many Brazilians don’t have a credit card, and even when they do have one, they are often not trusted.

    The fraud was very simple. It tricked customers into installing a piece of malware on their system and then waited until they visited their bank’s website. It spread using what is called spear phishing, which is the most common method these days, where users are sent e-mails with links on them. When the user clicks on them, they will run a program on their computer, and install the malware.

    The malware used what is called a man-in-the-browser attack, where the malware sits in the browser, including Google Chrome, Mozilla Firefox and Microsoft Internet Explorer. It is known commonly as a Eupuds, which is classified as an information-stealing Trojan that stays alive by writing itself on to a user’s hard drive and modifying the relevant Windows registry key so that it starts every time the computer is booted up. As well as infecting browsers using Windows operating systems, it can also steal information through the likes of Windows Live/Hotmail and Facebook.

    In the case of Boleto, it worked by detecting the traffic between the browser and server by searching for specific relevant strings linked to bank sites. It then recorded all the information that had to be submitted about the recipient of the Boleto transaction. It then submitted the transfer for payment and modified it by substituting an attacker’s account for the recipient’s one. As many as 200 000 IP addresses were infected and 83 000 user e-mail credentials were stolen in a scheme that had been going on for two years.

    Of the statistics received, all the infected machines were running Windows. The majority were running Windows 7 (78,3%), with Windows XP second (17.2%). Of the browsers detected, the most popular was Internet Explorer (48,7%), followed by Chrome (34%) and Firefox (17,3%); and the most popular e-mail domain used to steal user credentials was hotmail.com (94%). The reason that the impact was so great is that Boleto is only used in Brazil, thus malware detection software has not targeted it since it is a limited market.

    All the same, the threat should have been detected more quickly. The first signs of the Zip file containing the malware appeared in 2010. Cisco Systems was highlighting the distribution of the spam e-mails in 2012 and more warnings highlighted the threat last year.

    These attacks should serve as a wake-up call for the finance industry and governments around the world. What is most worrying about this type of fraud is that it could compromise the whole of the finance industry. It could even bring down major finance companies and even nation states with a single large-scale event.

    As long as there’s one person willing to click on a link in an e-mail, there is the potential for fraud. This is why the focus is moving towards end users.The Conversation

    So, what’s the solution? Users need to watch what they click and protect their systems by installing the latest upgrades from the likes of Microsoft and having up-to-date antivirus software. Even then, these are dangerous times to bank.

    • Bill Buchanan is head of the Centre for Distributed Computing, Networks and Security at Edinburgh Napier University
    • This article was originally published on The Conversation


    Subscribe to TechCentral Subscribe to TechCentral
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email Copy Link
    Previous ArticlePretoria schools get free Wi-Fi
    Next Article Schindehütte hearing to resume

    Related Posts

    Blue Label Telecoms to change its name as restructuring gathers pace

    11 July 2025

    Get your ID delivered like pizza – home affairs’ latest digital shake-up

    11 July 2025

    TCS+ | MVNX on the opportunities in South Africa’s booming MVNO market

    11 July 2025
    Company News

    $125-trillion traded: Binance redefines global finance in just eight years

    11 July 2025

    NEC XON welcomes HPE acquisition of Juniper Networks

    11 July 2025

    LTE Cat 1 vs Cat 1 bis – what’s the difference?

    11 July 2025
    Opinion

    In defence of equity alternatives for BEE

    30 June 2025

    E-commerce in ICT distribution: enabler or disruptor?

    30 June 2025

    South Africa pioneered drone laws a decade ago – now it must catch up

    17 June 2025

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2025 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.