Millions looted as DDoS attacks provide cover for wire transfer heists

A wave of Distributed Denial of Service (DDoS) attacks have been used as cover for the plunder of millions of dollars in fraudulent wire transfers at three US banks in recent months, according to a Gartner analyst.

  8 Be the first to comment

Millions looted as DDoS attacks provide cover for wire transfer heists

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

Gartner's Avivah Litan says DDoS attacks are an increasingly popular method for criminals to divert bank security staff attention while defrauding bank systems.

In a blog post, Litan explains the modus operandi deployed by the crooks: "Once the DDoS is underway, this attack involves takeover of the payment switch (e.g. wire application) itself via a privileged user account that has access to it. Now, instead of having to get into one customer account at a time, the criminals can simply control the master payment switch and move as much money from as many accounts as they can get away with until their actions are noticed."

In April, Dell SecureWorks Counter Threat Unit (CTU) highlighted the utilisation of a $200 malware kit called Dirt Jumper that launches low-level DDoS attacks to divert attention of bank security teams during wire transfer heists. The report said the sums switched ranged from $180,000 to $2.1 million.

Gartner's Litan says "considerable financial damage" has resulted from these stealth attacks, with at least three US banks losing millions of dollars to the fraud in recent months.

"One rule that banks should institute is to slow down the money transfer system while under a DDoS attack," Litan advises. "More generally, a layered fraud prevention and security approach is warranted."

Sponsored New Report – The Future of AI in Financial Services 2025

Related Company

Comments: (0)

[Webinar] Trusted Transactions: The Future of Risk-Based AuthenticationFinextra Promoted[Webinar] Trusted Transactions: The Future of Risk-Based Authentication