ZUNO is part of Raiffeisen Bank International, which also owns Tatra bank in Slovakia. (source: Sme)
Czech internet banking users may be susceptible to a new kind of cyber attack. Harmful codes are being embedded in suspicious email attachments, according to security software company Eset.
The malicious BlackSwap code can change the data of the payment order and thus avoid double verification, according to Robert Šuman, head of Eset’s Prague-based detection and analytics team.
“[The attackers] then send 60,000-200,000 Czech crowns to the account of the so-called strawmen,” Šuman explained, as quoted in a press release. “Their accomplices then withdraw the money from cash dispensers.”
Banks have been identified
The attacks, which are now targeting internet banking users in the Czech Republic, have repeatedly occurred in Poland and Spain.
“It isn’t an accident that the campaign is being spread these days,” said Miroslav Dvořák, technical director at the Czech subsidiary of ESET, as quoted in the press release. “Spam and phishing campaigns are regularly spread in times when multiple invoices are distributed. The end of the year, when companies finalise accounting and users buy Christmas presents online, is one of the busiest periods.”
Based on the analysis of malicious code, ESET’s researchers have already identified the banks targeted by the attackers and have informed their representatives. Though they cannot specify the financial damage caused, the losses in the past were significant.
