Skip to main content

Hackers steal up to $1 billion in huge online bank heist

kentucky hospital subjected to ransomware hacker keyboard
A huge and highly sophisticated malware attack affecting multiple banks in as many as 30 countries has reportedly netted those behind the crime as much as $1 billion over the last two years.

Chris Doggett of computer security firm Kaspersky North America told the NY Times the malware used by the cybercriminals represented a marked increase in the complexity of such attacks on financial organizations.

Related Videos

“This is likely the most sophisticated attack the world has seen to date in terms of the tactics and methods that cybercriminals have used to remain covert,” Doggett said.

Kaspersky pegged the stolen amount at between $300 million and $1 billion, adding that so far it hasn’t been able to offer a more definitive figure as each of the detected thefts was limited to a maximum amount of $10 million.

The security firm said the attack started in late 2013 when the cybergang sent emails to hundreds of bank workers that tricked them into downloading the malicious software. This gave hackers the opportunity to trawl a bank’s computer network in search of employees operating its money transfer systems and ATMs.

The criminals then installed tools capable of capturing video and screenshots of employees’ workstations to learn how they worked.

Kaspersky’s Sergey Golovanov told the NY Times that the cybergang’s goal was “to mimic [the bank’s] activities,” adding, “That way, everything would look like a normal, everyday transaction.”

When the necessary information had been gathered, fake accounts were set up in a number of countries into which money transfers were made. ATMs were also commandeered to dispense cash to waiting associates.

According to Kaspersky, hacking into banks’ accounting operations has netted the gang the largest amounts. Using this method, the gang would inflate an account’s balance and then immediately withdraw the inflated amount before returning the account to its original balance. Such a method made it harder for the account holder and bank to spot that an illegal transaction had taken place.

While most of the targets have been in Russia, banks in the U.S., Europe, and Japan have also been hit. None of the affected banks have so far been named, though Kaspersky said law enforcement agencies around the world, among them the FBI, have already been briefed on its findings.

The security firm plans to publish a full report on the incident today.

Editors' Recommendations

Possible Russian hacker network may be responsible for new MacOS malware
google perspective machine learning machack feat

A particularly virulent form of cyberattack was identified when the Stuxnet malware wreaked havoc at Iran's nuclear processing facilities. Discovered in 2010, the attack resulted in the creation of a new term, "advanced persistent threat" (APT), to designate a cyberattack that is intended to break into a particular target and work over a long period of time at stealing data or breaking down infrastructure.

But the Stuxnet attack was not the first example of an APT. Another, a hacker network dubbed APT28 and linked by some sources with Russian government or criminal elements, has been at work since 2007 targeting a number of industries and sectors in Ukraine, Spain, Russian, Romania, the U.S., and Canada. Anti-malware software company Bitdefender generated a report on APT28 in 2016 and has provided an update on its Bitdefender Labs blog connecting it to new MacOS malware.

Read more
Apple is investing a whopping $1 billion in the SoftBank Vision Fund for emerging tech
Apple Logo

It looks like Apple wants to play a bigger role in the advancement of emerging technologies -- the company has confirmed that it is investing a whopping $1 billion in the Softbank Fund.

The investment will help as the SoftBank Fund aims to close initial funding by the end of the month, with a final close expected for sometime in mid-2017, according to an article from the Wall Street Journal. Apple joins a growing list of large tech companies -- the likes of Qualcomm and Foxconn have also invested in the fund.

Read more
Man takes over $1 million from account due to bank error
citibank atm eyes cell phone new atms 2 3

Anyone who keeps money in the bank knows that there different types of checking accounts. One offers this type of perk, the other comes with that feature. One of the common offerings from banks is something called "overdraft protection." You spend more than you actually have in the account, and the bank covers the charge. For a nice fee, of course.

So consider the case of an Australian man named Luke Moore. Gizmodo says that in March of 2010, he was, as many of us have been, a "broke college student on government benefits," and applied at his bank, St. George, for an enticing "Complete Freedom Account" that came with overdraft coverage. The bank calls it "A great everyday account packed full of features. Open one in just three minutes!" In Moore's case, it was packed with a lot more than that.

Read more