Cyber-Criminals Steal $100s of Millions in Global Strike on Banks
Cyber thieves have infiltrated at least 100 financial institutions over the past two years, stealing money from at least half.Using spear phishing attacks to compromise financial workers’ systems, a gang of cyber-criminals has stolen hundreds of millions of dollars from banks in Russia, Ukraine, China, Germany and the United States during a two-year crime spree, security firm Kaspersky Lab stated in a report published on Feb. 16. The cyber-thieves sent malware-laden documents to bank employees, which—when opened– would attempt to exploit vulnerabilities in Microsoft Office or the Windows control panel. Following a compromise, the attackers sought information on a compromised bank’s money-processing services, ATMs and financial accounting practices, researchers said. The attackers managed to control systems inside of 100 banks, stealing money from more than half of the financial institutions, including causing $7.3 million to be dispensed by compromised ATMs at one bank and using another company’s financial system to transfer $10 million, Kaspersky researchers stated in the report. “ATMs were instructed remotely to dispense cash without any interaction with the ATM itself, with the cash then collected by mules,” the researchers stated in a blog post summarizing the research. “The SWIFT network was used to transfer money out of the organization and into criminals’ accounts; and databases with account information were altered so that fake accounts could be created with a relatively high balance, with mule services being used to collect the money.”
In each instance, the criminals would take two to four months to observe a compromised bank before cashing out. The widespread operation, dubbed Carbanak by Kaspersky for the malware used in the crimes, is ongoing the firm stated.