Slovenian police on Thursday raided 12 homes and arrested five Slovenian citizens in connection with sending malware-packed email to small and medium businesses’ accounting departments.
The email was spoofed to look like it came from a local bank or, in one case, the state tax authority, and it typically warned of a late payment.
The fake tax letter fictionalized a change of legislation that would financially affect the targeted victim. The email came with an attachment that carried a trojan.
The RAT (Remote Administration Toolkit) contacted a controlling server that frequently changed network location.
Once a target clicked on the attachment and installed the RAT, the cybercriminals could observe activity on the infected system.
With stolen credentials and, sometimes, if the victim didn’t remove the smart card containing a bank-issued certificate from a reader after use, the victimized companies’ bank accounts were laid wide open for ransacking.
According to a release from SI-CERT...
Read the rest of this post on Naked Security.
The post Five Slovenians arrested for $2.5M email banking fraud appeared first on Lisa Vaas.