Abstract
Banking malware is malicious software that aims to steal money from victims via manipulated bank transfers in online banking. This paper describes how the profits of banking malware are generated and subsequently laundered, with a particular focus on the use of bitcoins and other digital payment methods. Computers are infected with banking malware via phishing emails, in which people are persuaded in various ways to click on links or open attachments, or via exploit kits, programs that try to find weak spots in the security of computer systems. After infection, bank transfers of the online banking accounts of victims are manipulated via fake website screens (web injects). Behind the screens the amounts and beneficiaries of transactions are modified, emptying the victims’ bank accounts. In the next step, the banking malware profits are laundered. In this paper we describe two models that are used in particular (next to more traditional money laundering methods). The first model involves the use of money mules and a quick cash-out. The second model focuses on direct spending via (a) direct purchases of products via online shopping, (b) direct purchases of bitcoins via Bitcoin exchanges or (c) direct purchases of luxury goods. Bitcoins can be further laundered via so-called mixing services. All in all, these methods allow criminals to launder profits in relative anonymity and prevent seizure of the illegal profits.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
