Security researchers at McAfee Labs believe Project Blitzkrieg, a plan to use malware to steal money from 30 banks in the U.S., is a real threat not to be taken lightly.
The security company released a report about the project that was originally announced in September on a Russian forum. A cyber-criminal by the handle “vorVzakone” originally posted the intent to hack into 30 banks across the U.S. and steal information and money using a trojan. A trojan is a type of malware that secretly enters a computer system by pretending to be something innocuous.
McAfee says that the forum post originally called for developer help and said the trojan would be launched within a few weeks. Timing for the attacks has not been confirmed, though a number of banks were recently hit with distributed denial-of-service (DDoS) attacks that took down their websites. DDoS attacks work by flooding a system’s servers with traffic, causing it to overload and shut down. This kind of attack does not itself reach the inside of the system or give hackers access, but it is sometimes used as a diversion tactic while hackers silently gain illegal access to the servers.
“McAfee Labs believes that Project Blitzkrieg is a credible threat to the financial industry and appears to be moving forward as planned. Not only did we find evidence validating the existence of an early pilot campaign operated by vorVzakone and his group using the Trojan Prinimalka that infected at a minimum 300 to 500 victims across the United States, but we were also able to track additional campaigns as a result of the forum posting,” said McAfee Labs threat researcher Ryan Sherstobitoff in the report.
McAfee believes the trojan in use here is called Prinimalka, a piece of malware originally built in 2008. VorVzakone’s forum post also said that the trojan had already stolen $5 million from unknown institutions.