[ISN] Hackers Steal $150,000 from Mich. Insurance Firm

From: InfoSec News <alerts_at_private>
Date: Wed, 17 Feb 2010 00:18:42 -0600 (CST)

By Brian Krebs
Krebs on Security
February 16th, 2010

An insurance firm in Michigan lost nearly $150,000 this month as a 
result of a single computer virus infection.

Port Austin, Mich. based United Shortline Insurance Service Inc., an 
insurance provider serving the railroad industry, discovered on Feb. 5 
that the computer used by their firm's controller was behaving oddly and 
would not respond. The company's computer technician scoured the system 
with multiple security tools, and found it had been invaded by "ZeuS," a 
highly sophisticated banking Trojan that steals passwords and allows 
criminals to control infected hosts remotely

The following Monday, Feb. 8, United Shortline received a call from the 
Tinker Federal Credit Union at Tinker Air Force Base in Oklahoma, 
inquiring about a suspicious funds transfer one of its customers had 
received for slightly less than $10,000.

After that call, United Shortline President Louis M. Schillinger said 
the firm found 14 other such unauthorized transfers had been made from 
the company's account to individuals across the United States who had no 
prior business with Shortline.

"I said, 'Oh my God, someone's just taken all of the money out of our 
trust account,'" Schillinger said. The hackers moved money from the 
company's trust account over to its operating account, and then made the 
illicit transfers from there.


Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
Received on Tue Feb 16 2010 - 22:18:42 PST

This archive was generated by hypermail 2.2.0 : Tue Feb 16 2010 - 22:24:14 PST