Cyber gang ‘steals $1bn’ from global banks

A hacking group has stolen $1 billion from up to 100 financial institutions worldwide, according to a new analysis released by Kaspersky Lab, Interpol and Europol.

The Carbanak criminal gang is said to have targeted banks, e-payment systems and other FIs across 30 countries in a wave of sophisticated cyber attacks over the last two years, some of which are still active.

It is estimated that sums of up to $10 million were stolen in each raid, with each robbery taking between two and four months from infecting the first computer in the bank’s corporate network to the thieves collecting the money.

Outlining how the attacks took place, Kaspersky Lab said that the cyber criminals began by gaining entry into an employee’s computer through spear phishing, and infecting the victim with the Carbanak malware.

The hackers were then able to jump into the internal network and track down administrators’ computers for video surveillance. This allowed them to see and record everything that happened on the screens of staff who serviced the cash transfer systems, and to then mimic staff activity in order to transfer money out.

The fraudsters accessed the cash by depositing funds from the banks’ accounts into their own accounts, which were often based in China or America. They also used a technique to ‘inflate’ account balances and transfer the extra amounts, so that customers would not see any loss to their original balance. Another method involved seizing control of banks’ ATMs and ordering them to dispense cash at a pre-determined time, when a gang member would be waiting to collect it.

Sergey Golovanov, principal security researcher at Kaspersky Lab’s global research and analysis team, said: “These bank heists were surprising because it made no difference to the criminals what software the banks were using. So, even if its software is unique, a bank cannot get complacent. The attackers didn’t even need to hack into the banks’ services: once they got into the network, they learned how to hide their malicious plot behind legitimate actions. It was a very slick and professional cyber robbery.”
