Kalpana Kalpana (Editor)

Operation High Roller


Operation High Roller was a series of frauds against the banking system in different parts of the world that used cyber-collection agents to collect PC and smartphone information in order to electronically raid bank accounts. It was dissected in 2012 by McAfee and Guardian Analytics. A total of roughly $78 million was siphoned out of bank accounts in this attack. The attackers operated from servers in Russia, Albania and China to carry out electronic fund transfers.

Specifications

The attack is described as having the following features:

  • Bypassed Chip and PIN authentication.
  • Required no human participation.
  • Instructions came from cloud-based servers (rather than the hacker's PC) to further hide the attacker's identity.
  • Included elements of "insider levels of understanding".
  • Banks in Europe, United States and Colombia were targeted.
  • Affected several classes of financial institution, such as credit unions, large global banks and regional banks, as well as high-net-worth individuals.
  • While some sources have suggested it to be an extension of the man-in-the-browser attack, Operation High Roller is reported to have harnessed a more extensive level of automation, distinguishing it from traditional methods.
