Cybergang Hid Money Trail Behind 'fake' Mules

Peaches

By Peaches,
in Spyware/Adware Information

 Share Followers 0

Recommended Posts

Peaches

Peaches

Posted
Posted
RSA: Cybergang Hid Money Trail Behind 'Fake' Mules

URLZone Trojan attackers made sure their real money mules remained anonymous

Oct 06, 2009 | 12:29 PM

By Kelly Jackson Higgins

DarkReading

Turns out the bad guys using a sophisticated banking Trojan that covers its tracks also hid the identities of the money mule accounts they used.

Researchers from RSA's FraudAction Research Team discovered that the cybergang recently exposed in a report by Finjan knew its URLZone crimeware was being scrutinized, so the group set up decoy mule accounts in attempt to dupe researchers and keep them from the real money-mule account information.

"The fraudsters check if the computer used by the researcher is part of the 'legitimate' botnet of URLzone-infected machines. If the computer is deemed to be a 'foreign' one -- in other words, if the criminals do not know the computer -- they deliver a fake mule account to the computer used by the researcher," RSA researchers blogged last night. "This is the way they prevent their real mules from being exposed."

More details at DarkReading - http://www.darkreading.com/security/vulner...cleID=220301299

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Followers 0
Go to topic listing