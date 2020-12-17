“Evil mobile emulator farms” used to steal millions from US and EU banks

"Automating fraud

“This mobile fraud operation managed to automate the process of accessing accounts, initiating a transaction, receiving and stealing a second factor (SMS in this case) and in many cases using those codes to complete illicit transactions,” IBM Trusteer researchers Shachar Gritzman and Limor Kessem wrote in a post. “The data sources, scripts and customized applications the gang created flowed in one automated process which provided speed that allowed them to rob millions of dollars from each victimized bank within a matter of days.”"

https://arstechnica.com/information...-used-to-steal-millions-from-us-and-eu-banks/
 
Steals 2nd factor, nice. Disable on-line transfers on your accounts. Several banks now use voice recognition when you call in.
 
Zarathustra[H] said:
I wonder how they accomplish this.

Do they have malware on the users phone that intercepts it, or are they somehow compromising the phone network?
They have hacked the phones and stolen the device id most likely and cloned.
 
Zarathustra[H]

Zarathustra[H]

Fully [H]
Joined
Oct 29, 2000
Messages
31,394
Mega6 said:
They have hacked the phones and stolen the device id most likely and cloned.
Hmm. I thought the GSM standard had cryptographical keys on the chips, similar to RSA keys used for cryptographic authentication in SSH.

I didn't think they could just be duplicated.

I don't have a very good understanding of GSM networks though, so I could be wrong.
 
