Date posted: 01-Jun-2015
Category: Economy & Finance
Uploaded by: luc-beirens
Belgian Federal Judicial Police
Federal Computer Crime Unit
© Luc Beirens
« Security in e-banking is a shared responsibility »
© 2012 FCCU - Luc Beirens
Topics
Scheme
2007-2012 Evolution
Victims
Money mules
Criminals
Future
e-banking fraud is only part of the cybercrime
Cybercriminals working together
[Figure: e-banking fraud scheme, with steps numbered 1 to 13. Labels: Hackers; Knowledge database; Trojan distribution campaign; Spam; Local storage; Use of intermediate systems to control network; Activity spying / keylogging; Surfing to banking website & authentication; eBank user; Bank site; Proxy; Preparation; Money transfer order; Confirmation: screen injects, telephone calls; Bank account transfer; Fake company; Money mule; Money collector.]
2007-2012 e-banking cases
Experiences
○ e-banking cases in 2007: handled separately
Start of Federal Police - Febelfin cooperation
○ Complaints => centralized information & analysis
Engagement Police – Justice
○ Federal Prosecutor’s office coordinating local prosecutors
○ Investigating ICT traces: FCCU
○ Investigating financial traces: DJF and FJP Bxl
Cooperation with Europol & Eastern European countries
Success
○ Most with financial traces => money launderers
○ Several money mules brought to court in BE & abroad
○ Some coders / hackers still under investigation abroad
Success ?
BE: less than 200.000 euro in 2011
○ Compared to 36 million euro in the Netherlands
Well protected BE payment systems
Fast collaboration => know how criminals work
Fast adaptation of techniques for detection, avoidance, damage control
Awareness to large public
○ Press releases / information sessions
○ Websites on e-security
Victims
ALL of them were infected with Trojans
Some of them had several hundred Trojans
Very often no AV products
Operating system / applications not updated
Unaware of risks / methods
Who is behind the fraud?
Horizontal organized crime : specialized teams
Trojan developers
Botnet managers
Financial operators => information / operations
Money launderers => operations department
Underground economy
Place where criminal specialists meet
Using encryption / hiding techniques
Underground exchange services
Market of Trojans and botnets
Zeus, SpyEye
Self configurable Trojan kits with support
Infection ways : mail, social media, P2P, web
Integration of functionalities
○ Read, write, install access to hard disk
○ Internet connection interception and code injection
○ Keylogging
○ Screen captures
○ Webcam & microphone activation
Managed over botnets
Money mules
Several levels of money mules
○ 1st level => in BE / 2nd level => after money transfer
Organizers
○ Recruitment and managing money mules
○ Organizing – laundering operations
New schemes to enable money laundering
○ Large expensive orders to shops / hotels – cancelled
○ New dating friends asking for money transfers
Money mules used for different purposes
○ E-banking / Internet fraud
Evolution
Trojans and botnets : multipurpose tool for cyber crime
Cooperation Febelfin-Police : detect new modus
Focus on awareness
○ Responsibility of every party concerned
Focus of European and BE police strategy
○ Taking away the weapons of the criminals
○ Disrupting / dismantling botnets
Together with all other partners
Contact information
Belgian Federal Judicial Police
Direction for economical and financial crime
Federal Computer Crime Unit
Notelaarstraat 211 - 1000 Brussels – Belgium
Tel office : +32 2 743 74 74
Fax : +32 2 743 74 19
Head of Unit : [email protected]
Twitter : @LucBeirens