(WEB HOST INDUSTRY REVIEW) — According to a variety of reports appearing yesterday and today, the Federal Bureau of Investigation is looking into reports that hackers targeting Citigroup succeeded in stealing tens of millions of dollars – a report that Citigroup is denying.
The investigation was first reported late yesterday in a Wall Street Journal story, which said federal officials were looking into an attack that targeted Citigroup’s subsidiary Citibank.
The attack, which was detected during the summer, may have taken place up to a year earlier, according to reports, which also said the hackers may have gained access to the bank through a third party’s systems.
Citigroup issued a statement denying that there was a breach, or that anything was stolen.
“There has been no breach and there have been no associated losses,” said the statement, adding that all financial institutions occasionally encounter instances of fraud or breaches of third-party systems that force them to take actions to protect customers.
According to the WSJ report, which cited unnamed government sources, two other agencies were targeted by hackers, including a government institution.
The article cites a specific Citibank customer who saw more than $1 million removed from his account and sent to accounts in Latvia and the Ukraine. Citigroup helped the customer recover most of the money. The company called the incident an isolated case of fraud, in a statement.
Among security experts, concern is growing about the volume and variety of attacks against banks and other institutions.
In a statement sent to the WHIR by email, Amichai Shulman, CEO of security company Imperva says, “my analysis of this report is that we are talking about a man-in-the-browser attack. That is, a Trojan controlled through a botnet that operates from within the browser and inserts false transactions into a user’s sessions. In view of this it is clear why Citibank did not report or ‘notice’ any breach. The breach is not on Citi’s side but rather on the consumer side.”
“It does point to the growing sophistication of the attacker as we’ve mentioned in our list of predicted trends for next year,” says Shulman. “While this is presumably an end-point security issue, I think that application owners should look for solutions that would protect their users against man-in-the-browser attacks during a session with the specific application.”
About Liam Eagle
Liam Eagle has worked as a contributor to the Web Host Industry Review since its inception in 2000, and as editor since 2003. He has been editor of the WHIR's print magazine since its launch. His daily involvement in the gathering and reporting of Web hosting news and his regular interaction with Web hosting leaders gives him an uncommonly broad appreciation of the issues and tends facing the business. Through his WHIR blog, Liam spots Web hosting trends and offers opinions on the industry-wide impacts of major developments and the motivation behind big announcements. Follow him on Twitter @liameagle
No related posts.
