From Russia, With Love: An Imminent Bank Security Threat

They’re forming in a straight line. They’re going through a tight wind. But unlike the “Blitzkrieg Bop” in the classic Ramones song, the kids aren’t losing their minds. Instead, they’re losing their money – and it’s possible you could too. Software firm McAfee has just recently confirmed that Project Blitzkrieg – a rumored cyber attack on U.S. banks this coming spring – is actually legit. The intent of the Russian hacker project is to steal millions of dollars from U.S. customers, bit by bit and dollar by dollar. It’s believed that some computers are already infected with the hack. Should you be worried?

Project Blitzkrieg is the brainchild of an infamous Russian hacker who goes by the screen name “vorVzakone.” Initially, officials were skeptical of the hack because  vorVzakone flagrantly broke the first commandment of cyber crime – he showed his face. In a bizarre six-part video release, he discussed Project Blitzkrieg and also offered to help cyber criminals avoid jail time for a fee of $40,000. Weird, right? But apparently, it’s the real deal.

Perhaps in case this protection racket doesn’t pan out, vorVzakone has been working on the huge hack that is Project Blitzkrieg since April of last year. According to McAfee, although no fraud has been committed yet, at least 500 US bank accounts have already been infected with the supercharged Trojan virus. The malware enters personal computers via email and collects user names, passwords and account data when people sign in to online banking sites.

On top of that, vorVzakone has devised a way to flood bank fraud hotlines via Skype for hours after the attack so that people are unable to report suspicious activity and so that he can make off with as much money as possible. If everything goes according to plan, Project Blitzkrieg will funnel $100 million dollars into vorVzakone’s pocket. This is all scheduled to go down sometime this coming spring.

The good news is that the scope of the attack appears to be pretty limited: vorVzakone appears to be targeting the very wealthy for the most part. He’s not playing Robin Hood – it’s just easier this way. As the McAfee report says, “A limited number of infections reduces the malware’s footprint and makes it hard for network defenses to detect its activities.” So unless you’ve got an investment bank account, you probably don’t have much to worry about. At least this time.

But Project Blitzkrieg does raise some valid concerns for the average person. The hacker was able to infect 500 big-money accounts before authorities caught on, so it’s certainly easy enough for vorVzakone (or other hackers) to get into the average account. Not only that, he’s been totally brazen, revealing his face, home and car online, and he still hasn’t been stopped. He’s stolen $5 million in past schemes, and it stands to reason that if he pulls off this big heist, he’s only going to get bolder and broaden his reach. In some of his videos, he’s even reached out to fellow cyber criminals to ask them to join his ring.

So what can you do to keep yourself safe from such an attack? Well, there’s the obvious stuff that everyone knows – be wary of weird emails, don’t click on strange attachments and make sure your antivirus software is up to date. Beyond that, pay attention to potential threats in the news and monitor your bank account activity like a hawk. You might also create throwaway email accounts for posting in online forums. Any online fraud safety tips we missed? Let us know in the comment section.