By Brian Krebs
Krebs on Security
February 16th, 2010
An insurance firm in Michigan lost nearly $150,000 this month as a
result of a single computer virus infection.
Port Austin, Mich. based United Shortline Insurance Service Inc., an
insurance provider serving the railroad industry, discovered on Feb. 5
that the computer used by their firm's controller was behaving oddly and
would not respond. The company's computer technician scoured the system
with multiple security tools, and found it had been invaded by "ZeuS," a
highly sophisticated banking Trojan that steals passwords and allows
criminals to control infected hosts remotely
The following Monday, Feb. 8, United Shortline received a call from the
Tinker Federal Credit Union at Tinker Air Force Base in Oklahoma,
inquiring about a suspicious funds transfer one of its customers had
received for slightly less than $10,000.
After that call, United Shortline President Louis M. Schillinger said
the firm found 14 other such unauthorized transfers had been made from
the company's account to individuals across the United States who had no
prior business with Shortline.
"I said, 'Oh my God, someone's just taken all of the money out of our
trust account,'" Schillinger said. The hackers moved money from the
company's trust account over to its operating account, and then made the
illicit transfers from there.
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News