As concerns surrounding cybersecurity continue to escalate, hackers are having a field day and have made off with nearly $1 billion since 2013. The victim? More than 100 banks and financial institutions all over the world.
A hacker group dubbed the "Carbanak cybergang" has stolen at least $300 million and most likely closer to $1 billion in the past five years from financial institutions and banks in nearly 30 nations including the U.S., some in Europe and Japan, according to a report by Moscow-based Kaspersky Lab. The "unprecedented cyber-robbery" by the Carbanak gang could give it the notorious distinction of being the biggest bank theft ever.
Per Kaspersky Lab's report, due to be published on Monday, Feb. 16, the cybercriminals stole close to $10 million in each raid and the gang's members come from Ukraine, China, Russia and other European countries. The New York Times has managed to lay its hands on an advance copy of the report and divulged the findings.
The publication reveals that the cybercriminals targeted not only banks and financial institutions but also e-payment systems. Alarmingly, the gang is still active.
"This is likely the most sophisticated attack the world has seen to date in terms of the tactics and methods that cybercriminals have used to remain covert," revealed Chris Doggett, managing director of Kaspersky Lab North America market.
The hackers' heists amount to at least $300 million per the evidence Kaspersky Lab has and it believes the total could be three times that amount.
"These bank heists were surprising because it made no difference to the criminals what software the banks were using," said Sergey Golovanov, principal security researcher at Kaspersky Lab's global research and analysis team. "It was a very slick and professional cyber-robbery."
So how did the Carbanak cybergang -- which gets its name from the malware it used -- manage to pull off a string of these surprising heists? The hackers broke into the computer systems of the targeted banks by sending infected emails to the employees containing the Carbanak malware.
Once the malware spread, the hackers had access and were able to find out which employees were responsible for cash transfer or ATMs. They wasted no time in installing a RAT, i.e., a remote access tool, that allowed the hackers to observe how employees use their computers. They used the videos or screenshots of the employee's screen to observe what the particular employee did and later mimic the same pattern.
The hackers were able to direct ATMs to remotely dispense the money as required, when an accomplice would be waiting, as well as transfer funds to fraudulent accounts.
The security firm was alerted to the hacking when an Eastern European bank's security service showed them a video of the bank's ATM dispensing money to a robber who did not possess a card and was not even pressing any buttons.
The names of the affected banks have not been divulged by Kaspersky Lab owing to nondisclosure agreements. The affected banks are aware of the incidents but have not informed any of their customers.
Reportedly, Interpol is looking into the matter and conducting an investigation.
