Cybercrooks use DDoS attacks to mask theft of banks' millions
Analyst says three unidentified US banks have been hit with "low powered" DDoS attacks to cover fraudulent wire transfers.
Distributed denial-of-service attacks have been used to divert the attention of security personnel while millions of dollars were stolen from banks, according to a security researcher.
At least three US banks in recent months have been plundered by fraudulent wire transfers while hackers deployed "low powered" DDoS attacks to mask their theft, Avivah Litan, an analyst at research firm Gartner, told SCMagazine.com. She declined to name the institutions affected but said the attacks appeared unrelated to the wave of DDoS attacks last winter and spring that took down Web sites belonging to JP Morgan, Wells Fargo, Bank of America, Chase, Citigroup, HSBC, and others.
"It wasn't the politically motivated groups," she said. "It was a stealth, low-powered DDoS attack, meaning it wasn't something that knocked their website down for hours."
Litan described the attack method in a blog post last week that warned banks' losses could have been much greater.
"Once the DDoS is underway, this attack involves takeover of the payment switch (eg, wire application) itself via a privileged user account that has access to it," she wrote. "Now, instead of having to get into one customer account at a time, the criminals can simply control the master payment switch and move as much money from as many accounts as they can get away with until their actions are noticed."