By George Hulme
June 21, 2010
A Belgian federal investigation into an electronic bank account heist
reveals a sophisticated attack designed to manipulate stock prices, a
Belgian newspaper reported over the weekend.
This news report in the Belgian newspaper De Tijd described a
highly-targeted botnet that was designed to infiltrate software trading
platforms. According to the story, and I'm relying on a Google
translation for this, authorities said there were 20 Belgian victims who
were infected, and the cyber-thieves used those accounts to manipulate
share prices and profit about 100,000 Euros.
The attacks were targeted at these investors, and the code was custom
written, according to the story. The infections and the centralized
control over the botnet made it possible for the botmaster to time all
of the infected systems to buy or sell shares concurrently. This attack
is another example of just how sophisticated cyber attacks have become,
and how useless traditional anti-virus systems are in combating modern
Many security experts aren't offering viable answers to these problems.
In response to the attack, a Trend Micro blog in Europe suggests each
banking transaction be verified to stop such attacks:
Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit http://www.blackhat.com