Hackers steal money from bank accounts of users with stolen IMEI numbers

Experts have warned about the company Trusteer fraudulent schemes in remote banking.

Company experts Trusteer reported finding two fraudulent schemes in e-banking systems (DBS), through which hackers steal money from bank accounts of users. This was written in the blog of the company CTO Amit Klein (Amit Klein).

According to the company, in the first case, hackers use Trojan Gozi, which allows them to steal the identity of mobile phone numbers (IMEI) when the user logs in to your account in the DBS. Malicious software integrates into the browser a fake message from a bank where you want to enter the IMEI code of the mobile phone user, consisting of 15 digits.

Once attackers get the number IMEI, they bind to the victim service provider, report the loss or theft of the device and request a new SIM-card with a phone number that is bound to the specified IMEI. Thus, all data sent to the number of victims, fraudsters sent to the controlled device.

The second fraudulent scheme to obtain details of bank accounts of victims of hackers using phishing attack, or attack the “man in your browser» (Man in the Browser, MitB). Then the attackers to the police with a false statement about the theft of the phone. The police are represented trustees of the victim. Later, hackers provide a statement of the mobile operator as a basis for issuing a new SIM-card.

After receiving the SIM-card fraudsters are calling the victim and, posing as bank employees, reported that within 12 hours banking services are unavailable. All SMS-message with the one-time password received on the phone hackers, in which the resulting set of SIM-card. Using the stolen data of the victim, the attackers have access to the account of the victim in the RBS and removed from the accounts of its funds.

Tagged , , , , , , , , , , , , , ,