MANILA, Philippines – Banks in Russia, Europe, USA, and Japan were infiltrated by malware, allowing a criminal group to get away with at least $300 million – and possibly up to $1 billion – due to the security breach.
A Kaspersky Lab statement said the attack affected more than 100 banks and financial institutions in at least 30 countries.
The group responsible, the Carbanak gang, is a multinational group of cybercriminals from Russia, Ukraine and other parts of Europe, as well as from China.
According to a New York Times report, “the bank’s internal computers, used by employees who process daily transfers and conduct bookkeeping, had been penetrated by malware that allowed cybercriminals to record their every move.” The malware sent back video feeds and images that gave criminals information on how the bank conducted its daily routines.
The criminal group then took on the guise of bank officers, “not only turning on various cash machines, but also transferring millions of dollars from banks in Russia, Japan, Switzerland, the United States and the Netherlands into dummy accounts set up in other countries.”
Kaspersky added in its report that there were 3 ways in which money was taken. The first was to use online banking or international electronic payment systems to transfer money from the banks’ accounts to their own. The second was to inflate account balances in the accounting systems, then grab the extra funds via a fraudulent transaction. The third method involved controlling a bank’s automated teller machine, telling it to dispense cash at predetermined times. A gang member would then wait and collect the cash.
Sergey Golovanov, Principal Security Researcher at Kaspersky Lab’s Global Research and Analysis Team, said of the robberies, “These bank heists were surprising because it made no difference to the criminals what software the banks were using. So, even if its software is unique, a bank cannot get complacent.”
Golovanov added, “The attackers didn’t even need to hack into the banks’ services: once they got into the network, they learned how to hide their malicious plot behind legitimate actions. It was a very slick and professional cyber-robbery.” – Rappler.com