A VARIANT of cyber fraud that uses evolved versions of the notorious Zeus and Spyeye malware to target rich companies and high-earning individuals has been reported by McAfee.
The California security firm discusses the evolution of cyber criminals' strategies in its Dissecting Operation High Roller report issued on Tuesday.
"Unlike standard SpyEye and Zeus attacks that typically feature live [manual] interventions, we have discovered at least a dozen groups now using server-side components and heavy automation," the report said.
"With no human participation required, each attack moves quickly and scales neatly. This operation combines an insider level of understanding of banking transaction systems with both custom and off-the-shelf malicious code and appears to be worthy of the term 'organised crime'."
McAfee said that cyber criminals are increasingly looking at using automated systems to mount attacks, thus making the activity an increasingly lucrative business.
"This study found 60 servers processing thousands of attempted thefts from high-value commercial accounts and some high net worth individuals," read the report.
"As the attack shifted emphasis from consumers to businesses, mule business accounts allowed attempted transfers averaging in the thousands of Euros, with some transfers as high as €100,000."
The company also reported that while Europe is the primary target for cyber fraud rings, cyber crooks are also expanding their attacks across other parts of the world.
"Three distinct attack strategies have emerged as the targets have expanded from the European Union, to Latin America, to the United States," the report said. "Debunking the popular wisdom that only big banks are affected, the research documents attacks at every class of financial institution: credit union, large global bank, and regional bank."
McAfee estimated that virus villains have attempted at least €60m in fraudulent transfers from accounts at 60 or more financial institutions globally.
The McAfee report follows a warning by the head of British internal security service MI5, Jonathan Evans, who said that cyber attacks on government and businesses have reached 'astonishing' levels in the UK. µ