07-23-2014 05:45 AM
By Darren Pauli, 23 Jul 2014
Attackers suspected of residing in Russia are raiding Swiss bank accounts with a multi-faceted attack that intercepts SMS tokens and changes domain name system settings, researchers have warned.
The attacks sported a clever implementation of malware that pointed victim machines to replica phishing bank sites when they attempt to access their accounts without triggering any warnings.
That tactic was accomplished by malware that manipulated a victims' DNS settings and installed an SSL certificate for the phishing sites before wiping itself clean to remove evidence of infection.