As a result of banking trojans being installed on their computers

Jul 21, 2009 13:50 GMT

After Bullitt County's bank account was recently drained of $415,000 because of malware installed on the treasurer's computer, more similar cases have been reported across the United States. A public school district near Pittsburgh was left short of over $700,000, while an auto parts business in Gainesville had $75,000 fraudulently transferred from its account.

The Washington Post reports that the complex scheme, which involves planting banking trojans on business computers, stealing the victims' online banking credentials, then transferring large sums of money to mules recruited under false pretenses, is more widespread than previously believed.

An anonymous source within federal law enforcement confirmed to Security Fix that the Bullitt County case was just one of many ongoing investigations into similar incidents. One of the most serious problems that companies face as a result of these attacks is that banks are not bound by law to return the money to their accounts.

According to the Beaver County Times, the Western Beaver School District has sued ESB Bank for authorizing 74 fraudulent electronic transfers from its bank accounts to 42 individuals across the US. The transfers occurred between December 29 and January 5 and totaled $704,610.

According to court documents, malware installed on Superintendent Robert Postupac's computer tricked the bank's system into authorizing money transfers from the school district's tax and general fund bank accounts. According to the contract between the bank and the school district, Postupac was not among the people allowed to withdraw money from these two particular accounts.

A similar case involving a Gainesville company called Slack Auto Parts has also surfaced. According to its owner, almost $75,000 was siphoned out of the company's bank account after a computer became infected with the Clampi (aka Rscan) trojan. The money was transferred into the accounts of six money mules.

Cybercrooks are recruiting people as money mules by tricking them into believing that they are working as local agents for international companies. The job description involves helping these fictitious companies transfer money from their alleged business partners (the victims) to their overseas customers (the criminals).

Money mules end up being victims in this scheme too, because their banks can reverse the fraudulent transfers, leaving their personal accounts with a negative balance. However, the Western Union wire transfers they personally make to foreign countries can't be undone.