In the coming days, some hackers would be busy preparing a "debit card" attack to be performed on a global scale.
According to "CNN", the alarm was launched by the FBI, according to which cybercriminals could act next weekend when the bank's reaction capacity is slowed down. The timing was also confirmed by KrebsOnSecurity, a security company, according to which this type of attack usually takes place on weekends, after the closure of the activities by the banking institutions on Saturdays.
Hackers have come up with a new technique that involves combining computer attacks with old-fashioned scams.
On the one hand, hackers would compromise information systems to tamper with user settings and remove anti-fraud mechanisms by spreading malware. In particular, the daily withdrawal limit would be deactivated, which is the main obstacle if you want to steal important sums. At this point, you would enter the classic scam: with cloned cards or with numbers of cards found in the dark web and used, thanks to the help of counterfeiters, to deceive the ATMs. Potentially it would be a million dollar coup, the biggest ever seen in this sector.
According to the FBI, banks should review their own security standards, for example:
• Implementing two-factor authentication systems with physical or digital tokens for local administrators or other strategic roles but also for withdrawals exceeding certain thresholds
• Adopt whitelists - lists of entities to which specific privileges are recognized - to stop the spread of malware
• Monitor, control and limit the administrator accounts with the possibility to modify their attributes as well
• Monitor the presence of remote network protocols and administration tools such as Powershell and TeamViewer
• Monitor encrypted traffic (SSL or TLS) from non-standard ports
• Monitor network traffic in regions where outbound connections from financial institutions would not be expected