Ryan Sherstobitoff is a McAfee Threat Researcher focusing on cyberfraud research and threat intelligence. Prior to ...
Project Blitzkrieg, a current attack on US financial institutions, got a lot of media attention following a blog posting by RSA researchers, who wrote that they had discovered an operation run by an individual known as vorVzakone. RSA identified the malware as belonging to the Gozi family and labeled it Prinimalka. VorVzakone’s claim was met with skepticism from Russian Underweb forums as well as from others in the research community.
The McAfee Labs paper "Analyzing Project Blitzkrieg" provides insight into the credibility of this threat to the financial industry and analyzes the claims made by vorVzakone in his forum posting.
If the aims of Project Blitzkrieg, as vorVzakone has claimed, become fully realized by spring 2013, the financial industry needs to be fully prepared. In this research we take a deeper look into the overall credibility of this threat to the US financial industry.
Some key findings: