Danish newspaper Politiken reports that foreign hackers are attacking and emptying Danish accounts online bank accounts. So far, 8,000 online accounts have been closed as a result of these attacks.
Online banking in much more used in the Scandinavian countries than elsewhere. And so far, the security has been assumed to be good. There have been numerous attacks from hackers, but generally the systems have been able to fend off the hackers.
Recently, however, Danish online banks have been exposed to a series of far more vicious attacks that have been successful. Hackers that seem to be of Eastern European origin are systematically breaking into Danish online bank accounts and emptying them of funds. Politiken writes:
“We are doing the best we can to be on guard and discover the attacks. But the fact of the matter is that all online banking customers with a PC that is not fully updated are in the risk zone,” Danish Bankers Association spokeswoman Birgitte Mikkelsen tells Politiken.
Some 3.3 million Danes, out of a population of 5.5 million, currently use online banking. Many of them are at risk simply because they have not updated all of the programmes on their PC.
Where previous hacker risks took place because people opened an attached, infected file – the new method of attack takes place without the user being aware of any incursion.
Hackers can use a gateway in an un-updated programme such as iTunes, a PDF reader or Java to lodge spyware which waits until the user keys in an online banking code. The code is then sent to a hacker who is able to log in to bank accounts and transfer funds to another account.
“There is a major risk here because the user doesn’t know that he or she is vulnerable. The banks do a lot in the battle against hackers, but the user must take responsibility for his or her own computer security,” says Peter Kruse of the Csis company, which cooperates with Danish banks to increase security.
The scam is pretty well organized. Chief Inspector Henning Schmidt of the Copenhagen Police Section for Economic Crime confirms that the current attack can be tracked to countries where Russian is spoken. He also indicates that the Russian, Ukrainian or Baltic hackers also use Danish mules or middlemen who make sure that the hacker gets his stolen funds.