Hackers empty $900K bank account

By Claes Bell
Monday, February 25, 2013
Posted: 9 am ET

In itself, a distributed denial of service, or DDoS, attack on a bank's website is little more than costly hooliganism. It essentially consists of hackers ordering a bunch of malware-infected computers to "click" on a bank's website until it's too overwhelmed to respond to legitimate users.

The effect is pretty similar to a barricade across the entrance to your bank: You can't get in, but your money is still safe inside the bank.

But what if thieves used a DDoS attack as cover for a more harmful attack that did actually compromise customer checking accounts? That appears to be exactly what happened to a customer of Bank of the West, according to a report from security blogger Brian Krebs:

A Christmas Eve cyber-attack against the website of a regional California financial institution helped to distract bank officials from an online account takeover against one of its clients, netting thieves more than $900,000.

At approximately midday on Dec. 24, 2012, organized cyber crooks began moving money out of corporate accounts belonging to Ascent Builders, a construction firm based in Sacramento, Calif. In short order, the company's financial institution -- San Francisco-based Bank of the West -- came under a large distributed denial of service (DDoS) attack …

There were 62 individuals suckered into acting as "mules" for the stolen money, according to Krebs.

It's standard operating procedure for scammers to recruit unsuspecting individuals and businesses ("make big money working from home!") to accept a substantial deposit from thieves and wire the bulk of it overseas, keeping a portion for themselves as payment. Typically, the money clears and the mule completes the transfer, only to have the authorities catch up with them and claw back the money, leaving them on the hook for most of the losses.

Obviously, you never want to agree to accept and transfer cash as these mules did. Aside from the legal implications of engaging in what amounts to money laundering, what good are promised payoffs if they're going to be clawed back later?

Another important step to avoid having your account on the receiving end of this type of coordinated attack is having up-to-date antivirus software installed on your computer. Krebs writes that the thieves may have gained access to Ascent Builders' bank logins using malware surreptitiously installed on its computers. And you don't want that to happen to you, especially on Christmas Eve.

What do you think? Do you worry about online thieves draining your accounts? What precautions do you take to prevent that from happening?

Follow me on Twitter: @claesbell.

March 02, 2013 at 3:23 pm

I use a pre-paid debit card for most online purchases in which I keep very little funds. This isn't foolproof, but at least it severely limits how much crooks can acquire and hopefully increase the risk/reward ratio on them. I have also banned my Windows machines from the Internet; IMHO you simply cannot secure them. My accounts ONLY get accessed from a machine running Linux these days and only after a reboot of the system.

March 02, 2013 at 10:00 am

Say I had 500,000 in my account and it gets ripped off. I don't lose, do I? Is the bank responsible for paying the money back? I would think so but I don't really know. Or do I have to purchase some extra kind of protection? I would like it if someone could email me and let me know.
Thanks much, David

March 01, 2013 at 11:27 pm


Kurt Liles
March 01, 2013 at 3:32 pm

This article has nothing to do with credit cards

Bill h
March 01, 2013 at 9:01 am

Good idea, James M. 'Tis wise also to have your money in a different bank from the one handling your credit card.

February 28, 2013 at 7:11 pm

For online purchases I use a prepaid debit card with just a limited amount of money on it. That way if some douchebag gets the card numbers he has very little to work with. Did you notice the article seemed to indicate the bank was trying to blame it on the company, saying "oh, your virus software is old so guess what... it's your fault you got robbed." I bet the bank tries to welch out on paying back the customer.

February 28, 2013 at 2:43 pm

The big tax increases have reduced what I take home so I have less to lose. I have observed that Uncle Sugar does almost nothing about this. They catch one or two token spammers or hackers each year and call it good.

February 28, 2013 at 1:01 am

I just stay broke. Problem solved.

February 27, 2013 at 3:01 pm

Yep, I just had some a-hole in California make over a dozen ATM charges/withdrawals against my account. The bank flagged such quickly as fraud, being so many in such a short period of time.

And yep, I still had my ATM card. And I have never used it on-line for anything.

James M.
February 26, 2013 at 12:20 pm

This is one reason I only use a credit card shopping anywhere, especially online. At least when someone takes your account information they use the bank's credit not your money from a checking account.

I've had my card compromised twice. One time I lost it and someone ran up almost $1000 on a bar tab, another in India with someone buying plane tickets to some obscure tropical island (forgot the name), and I STILL HAD THE CARD.

It is inconvenient having to wait for a new credit card but way better than being at the mercy of banks waiting for your money to be returned.