Crooks freeze bank's site and client's site as a distraction to steal $900,000

Financial Services // California, United States

Crooks flooded a financial institution’s website with junk traffic to freeze it as a distraction while they robbed one of the bank’s clients of more than $900,000. Cyber crooks started by moving money out of corporate accounts belonging to Ascent Builders, a construction firm. Then the company’s financial institution, Bank of the West, came under a large distributed denial of service (DDoS) attack.

“KrebsOnSecurity contacted Ascent Builders on the morning of Dec. 26 to inform them of the theft, after interviewing one of the money mules used in the scam. Money mules are individuals who are willingly or unwittingly recruited to help the fraudsters launder stolen money and transfer the funds abroad. The mule in this case had been hired through a work-at-home job offer after posting her resume to a job search site, and said she suspected that she’d been conned into helping fraudsters.” The money mule was one of 62 such individuals in the United States recruited to haul the loot.

The president of Ascent Builders “said that when the company’s controller originally went online on the morning of Dec. 24 to check the firm’s accounts, her browser wouldn’t let her access the bank’s page. She didn’t know it at the time, but her computer was being remotely controlled by the attackers’ malware, which blocked her from visiting the bank’s site.” ‘It said the bank was offline for 24 hours, and we couldn’t get in to the site,’ Shope told Krebs. ‘We called the bank and they said everything was fine.’ Not long after transferring money, “the fraudsters initiated a DDoS attack against the bank’s Web site, effectively knocking it offline.”