Standard operating procedure for the identity theft industry involves
performing high-volume fraudulent transactions as quickly and quietly as
possible. But now researchers have found evidence of a new hacking group that
takes a different approach—one that’s less discreet and more destructive.
On Wednesday cybersecurity researchers at Secureworks issued a report
describing a new cybercriminal group that aims a one-two punch at banks. First
it collects banking customers’ passwords using a variation of the so-called
Black Energy software, which has infected thousands of computers worldwide to
create a "botnet" of hijacked machines. The machines use the collected passwords
to move funds into the hackers’ accounts, and then typically delete files from
the user’s computer to cover their tracks.