Giuliano J. de Leon, Tech Times

A new massive hack affected thousands of people! The hackers used emulators to copy their victims' devices and steal millions of dollars from their online bank accounts.

IBM Trusteer researchers discovered the new massive fraud operation. The security experts said that the attack's scale was unlike anything they have seen for the past few years. The attackers used around 20 emulators to mimic more than 16,000 smartphones.

The devices belonged to mobile bank customers. Security researchers added that cyber criminals were able to spoof more than 8,100 devices using a single emulator.

How the hackers pulled off the large breach

The cybercriminals used device identifiers to bypass the banks' security protections. These identifiers correspond to each compromised account holder and spoofed GPS locations.

The hackers used the victims' IDs, which they acquired from compromised smartphones. In some cases, they pretend to be customers who were accessing their accounts from their new phones.

Also Read: Microsoft, SolarWinds Hacking: Attackers Remove Evidences of the Biggest Hack of the Decade

Since it is a massive breach, the attackers were able to bypass multi-factor authentication by accessing SMS messages.

"This mobile fraud operation managed to automate the process of accessing accounts, initiating a transaction, receiving and stealing a second factor (SMS in this case), and in many cases using those codes to complete illicit transactions," said Limor Kessem and Shachar Gritzman, one of the IBM Trusteer researchers, via The Wired's latest report.

Another massive attack breached Microsoft

According to CNET's previous report, Microsoft found out that 40 of its customers were targeted in another massive attack linked to Russia.  The giant software provider confirmed that 80% of its compromised customers were in the United States.

It added that the remaining victims reside in Mexico, Canada, Belgium, the United Kingdom, the United Arab Emirates, Israel, and Spain. This just shows that the attack is also a wide one.

Brad Smith, Microsoft's chief counsel, explained that it is expected that the location and number of victims will still expand. He added that the list of targets includes security firms, government agencies, and other technology companies.

For more news updates about other online breaches, always keep your tabs open here at TechTimes.

Related Article: SolarWinds-Linked Hackers Attack the US Department of Energy and the National Nuclear Security Administration

This article is owned by TechTimes.

Written by: Giuliano de Leon.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Tags: Massive Hack Emulators Mimic Phones Customers Dollars
Join the Discussion