"A Russian speaker based in Romania could be responsible for the whole operation," Trend Micro's researchers said. "Or, the brains behind this operation could be based in Russia and the Romanian connection only plays a small part in the attack. We cannot say for sure."
The researchers concluded that two-factor authentication is not as secure as many businesses would expect. Trend Micro recommended that banks consider alternative methods of authentication, including adding other layers of transaction authentication numbers, a photo-based approach or a physical card reader.
"Bank clients are advised to take all necessary precautions to secure their transactions, especially since the attacks mentioned in this paper occur entirely on their side," Trend Micro said in the report.
—By Nicole Perlroth, The New York Times