Attackers Use Mobile Emulators on an Unprecedented Scale to Steal Millions of Dollars in a Few Days

Attackers set up a network of mobile emulators capable of spoofing devices of real banking customers from the United States and Europe, according to an investigation from IBM Trusteer.
The process of stealing someone”s banking information is not easy, but setting up a system in which attackers use that data in an automated way, permitting them to hit thousands of targets in the course of a few days, is not so common.
The automation process is possible with the help of mobile emulators that act like the real devices. After attackers get their hands on valid customer accounts, in conjunction with compromised devices, they spoof real devices and steal a lot of money in a very short amount of time.
“The scale of this operation is one that has never been seen before, in some cases, over 20 emulators were used in the spoofing of well over 16,000 compromised devices,” said IBM. “The attackers use these emulators to repeatedly access thousands of customer accounts and end up stealing millions of dollars in a matter of just a few days in each case. After one spree, the attackers shut down the operation, wipe traces, and prepare for the next attack.”
To carry out an attack of this magnitude, attackers need a lot of information, usually including the account holders” usernames and passwords, access to mobile identifiers, and SMS message contents (to bypass two-factor authentication.) These last two conditions imply that spoofed mobile devices are already infected with malware.
Even if the compromised device and the emulator are in different countries, the software could spoof the GPS location.
“When a compromised device operated from a specific country, the emulator spoofed the GPS location. From there, it connected to the account through a matching virtual private network (VPN) service,” IBM also said.
The operation lasted only a few days, then the attackers closed shop and erased all traces. Security researchers say they are likely ramping up for another campaign, so they issued a warning to financial institutions to protect their customers” information better and implement security solutions to deter this type of fraud.
Customers are not without obligations in this situation. They should be wary of unsolicited SMS messages, never install apps from unknown sources, regularly check banking statements to spot anomalies and use security solutions on mobile devices.
tags
Author
Right now
Top posts
What is medical identity theft and how to protect against it
July 27, 2022
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021
June 22, 2022
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data
May 24, 2022