RSA 2011: Cybercriminals perfect theft from Europe’s carbon registries


RSA 2011: Cybercriminals perfect theft from Europe’s carbon registries

Warwick Ashford

An Eastern European gang of cyber criminals appears to have perfected techniques to steal millions of pounds from Europe's carbon registries, which allow companies to buy and sell pollution credits.

The attacks use a combination of phishing, malicious links and modified Trojans, according to Uri Rivner, senior researcher at RSA, the security division of EMC.

The gang impersonated employees responsible for buying and selling carbon emission permits, he told RSA Conference 2011 in San Francisco.

They gathered intelligence about the carbon registries in 25 nations and then used the information to craft targeted e-mails containing links to documents infected with the Nimkey banking Trojan.

The criminals used the Trojan to steal account credentials, which were then used to carry out transactions and divert the proceeds into accounts controlled by accomplices.

Using this technique, the gang stole $31m (£19.1m) from a Romanian cement company and $25.6m from the Czech Republic registry.

The European Commission shut down all the registries in mid-January and although some have been allowed to reopen, most remain closed.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy