From: Signal Online (AFCEA)
The purpose of the attack is purely robbery, says a cyber expert, who has shared his McAfee report with government officials.
A cyber attack that could result in the theft of millions of dollars from American banks could take place this spring, according to a report from a noted cybersecurity expert. “What we’re dealing with here is a digital bank robber,” according to Ryan Sherstobitoff, a threats researcher with McAfee Labs and the principal author of the report entitled, “Analyzing Project Blitzkrieg, a Credible Threat.” And the attack mastermind could take additional steps to deter attacked banks from defending themselves and hinder their ability to recover stolen funds following such an attack.
The group behind the potential attack “is a collaboration or an alliance of ‘botmasters’ run by an individual named vorVzakone with the clear intention of robbing financial institutions,” Sherstobitoff explains in a report that was issued in mid-December. The white paper is based on months of in-depth analysis of Project Blitzkrieg, as it has been dubbed by vorVzakone’s website, and tracking the online activities of vorVzakone dating back to late summer 2012. “We know from forum posts he had published on an underground Russian cyberforum that was really meant for cybercriminals,” explains Sherstobitoff. Those posts detailed how the attack was to be coordinated around the release of a variant of the trojan malware popularly known in the hacker community as Gozi Prinimalka.
The system has been allegedly under development for several years, and vorVzakone’s plans included recruiting as many as 100 botmasters to launch the attack in 2013. The report offers detailed information on the online identity and the location of a computer server that is the central hub for Project Blitzkrieg, and, according to Sherstobitoff, it is further evidence that both the conspiracy and the threat are real.