Threat of mass cyberattacks on U.S. banks is real, McAfee warns

A new security report by McAfee confirms that cybercriminals claiming to hack into hundreds of bank accounts next spring is a "credible threat."

Dara Kerr Former senior reporter

Dara Kerr was a senior reporter for CNET covering the on-demand economy and tech culture. She grew up in Colorado, went to school in New York City and can never remember how to pronounce gif.

See full bio

Dara Kerr

Dec. 13, 2012 7:28 p.m. PT

2 min read

McAfee Global Threat Intelligence shows a vorVzakone malware campaign that targeted victims across the U.S. during a two-month period, with the latest victim infected on October 25. McAfee Labs

The wave of distributed denial of service attacks that hit U.S. banks in October was next-to-nothing compared to what could happen if cybercriminals actually carry through with their plans for next year.

According to a report (PDF) released today by McAfee Labs, an impending attack on U.S. financial institutions -- dubbed Project Blitzkrieg -- isn't only a possibility, it's a "credible threat."

"McAfee Labs believes that Project Blitzkrieg is a credible threat to the financial industry and appears to be moving forward as planned," the report reads. "Although Project Blitzkrieg hasn't yet infected thousands of victims and we cannot directly confirm any cases of fraud, the attackers have managed to run an operation undetected for several months while infecting a few hundred."

Project Blitzkrieg is believed to be headed by an individual known as vorVzakone, according to McAfee. In September, vorVzakone announced a massive fraud campaign to be launched against 30 U.S. banks in spring 2013. VorVzakone also put out a call to arms for fellow hackers to join his cause. The attacks are said to be done with a highly developed Trojan that could infect victims' computers, plant software, and allow cybercriminals to steal information and money.

Despite several security analysts doubting the legitimacy of vorVzakone's claims or believing the campaign was called off since it has become public, McAfee still believes the threat exists. Security researchers for the company were able to find evidence of vorVzakone using a Trojan a couple of months ago that infected between 300 to 500 victims' computers throughout the U.S.

Rather than being a sweeping attack, McAfee said the campaign will selectively target accounts at investment banks, consumer banks, and credit unions. Going after selected groups makes it easier for vorVzakone to stay under the radar and not be detected by network defenses, according to McAfee.

"This attack combines both a technical, innovative backend with the tactics of a successful, organized cybercrime movement," McAfee's report reads. "If the aims of Project Blitzkrieg, as vorVzakone has claimed, become fully realized by spring 2013, the financial industry needs to be prepared."