Operation High Roller

Global cyber attack in the banking system

Operation High Roller was a series of fraud in the banking system in different parts of the world that used cyber-collection agents in order to collect PC and smart-phone information to electronically raid bank accounts.^[1] It was dissected in 2012 by McAfee and Guardian Analytics.^[2] A total of roughly $78 million was siphoned out of bank accounts due to this attack.^[3] The attackers were operating from servers in Russia, Albania and China to carry out electronic fund transfers.^[4]

Specifications

This cyber attack is described to have the following features:^[5]

Bypassed Chip and PIN authentication.
Required no human participation.
Instruction came from cloud-based servers (rather than the hacker's PC) to further hide the identity of the attacker.
Included elements of "insider levels of understanding".
Banks in Europe, the United States and Colombia were targeted.
Impacted several classes of financial institution such as credit unions, large global banks, regional banks, and high-net-worth individuals.

While some sources have suggested it to be an extension of man-in-the-browser attack^[6] Operation High Roller is reported to have harnessed a more extensive level of automation distinguishing it from the traditional methods.^[7]

References

^ Rachael King (June 26, 2012). "Operation high roller targets corporate bank accounts". Wall Street Journal.
^ "Operation high roller auto-targets bank funds". CNET News.
^ "How exactly do cyber criminals steal $78 million?". Time magazine (online) Business and Money. July 3, 2012.
^ Danielle Walker (October 29, 2012). ""High roller" fraud campaign persists, origin revealed". SC Magazine. Archived from the original on 2012-11-01.
^ Michael Rundle (June 26, 2012). "Operation high roller". Huffington Post.
^ ""High roller" hacker attack is stealing hundreds of millions from the rich". DailyTech. June 26, 2012. Archived from the original on 2012-06-30.
^ "'Operation high roller' stole from the rich to give to unknown auto-mule crims in the cloud". The Register. June 27, 2012.

External links

Dissecting operation high roller on McAfee/Guardian Analytics report
Operation high roller on CNN Money
Operation high roller on Fox News report
Operation high roller on Yahoo Finance
Operation high roller revisited

Hacking in the 2010s

← 2000s

Timeline

2020s →

Major incidents

2010	Operation Aurora (publication of 2009 events) Australian cyberattacks Operation Olympic Games Operation ShadowNet Operation Payback
2011	Canadian government DigiNotar DNSChanger HBGary Federal Operation AntiSec PlayStation network outage RSA SecurID compromise
2012	LinkedIn hack Stratfor email leak Operation High Roller
2013	South Korea cyberattack Snapchat hack Cyberterrorism Attack of June 25 2013 Yahoo! data breach Singapore cyberattacks
2014	Anthem medical data breach Operation Tovar 2014 celebrity nude photo leak 2014 JPMorgan Chase data breach 2014 Sony Pictures hack Russian hacker password theft 2014 Yahoo! data breach
2015	Office of Personnel Management data breach Hacking Team Ashley Madison data breach VTech data breach Ukrainian Power Grid Cyberattack SWIFT banking hack
2016	Bangladesh Bank robbery Hollywood Presbyterian Medical Center ransomware incident Commission on Elections data breach Democratic National Committee cyber attacks Vietnam Airport Hacks DCCC cyber attacks Indian Bank data breaches Surkov leaks Dyn cyberattack Russian interference in the 2016 U.S. elections 2016 Bitfinex hack
2017	SHAttered 2017 Macron e-mail leaks WannaCry ransomware attack Westminster data breach Petya and NotPetya 2017 Ukraine ransomware attacks Vault7 data breach Equifax data breach Deloitte breach Disqus breach
2018	Trustico Atlanta cyberattack SingHealth data breach
2019	Sri Lanka cyberattack Baltimore ransomware attack Bulgarian revenue agency hack WhatsApp snooping scandal Jeff Bezos phone hacking incident

Hacktivism

Advanced
persistent threats

Individuals

Major vulnerabilities
publicly disclosed

Evercookie (2010)
iSeeYou (2013)
Heartbleed (2014)
Shellshock (2014)
POODLE (2014)
Rootpipe (2014)
Row hammer (2014)
SS7 vulnerabilities (2014)
JASBUG (2015)
Stagefright (2015)
DROWN (2016)
Badlock (2016)
Dirty COW (2016)
Cloudbleed (2017)
Broadcom Wi-Fi (2017)
EternalBlue (2017)
DoublePulsar (2017)
Silent Bob is Silent (2017)
KRACK (2017)
ROCA vulnerability (2017)
BlueBorne (2017)
Meltdown (2018)
Spectre (2018)
EFAIL (2018)
Exactis (2018)
Speculative Store Bypass (2018)
Lazy FP state restore (2018)
TLBleed (2018)
SigSpoof (2018)
Foreshadow (2018)
Dragonblood (2019)
Microarchitectural Data Sampling (2019)
BlueKeep (2019)
Kr00k (2019)

Malware

2010	Bad Rabbit Black Energy 2 SpyEye Stuxnet
2011	Coreflood Alureon Duqu Kelihos Metulji botnet Stars
2012	Carna Dexter FBI Flame Mahdi Red October Shamoon
2013	CryptoLocker DarkSeoul
2014	Brambul Black Energy 3 Carbanak Careto DarkHotel Duqu 2.0 FinFisher Gameover ZeuS Regin
2015	Dridex Hidden Tear Rombertik TeslaCrypt
2016	Hitler Jigsaw KeRanger Necurs MEMZ Mirai Pegasus Petya and NotPetya X-Agent
2017	BrickerBot Kirk LogicLocker Rensenware Triton WannaCry XafeCopy
2018	VPNFilter
2019	Grum Joanap NetTraveler R2D2 Tinba Titanium ZeroAccess botnet