Hackers in Eastern Europe have been draining banks of hundreds of millions of dollars, stealing nearly $1 billion in a string of online heists since 2013, making for one of the largest hacks of all time.
Financial institutions located in Russia, Japan, the United States and throughout Europe have fallen victim to a sophisticated malware hack, allowing hackers to get off with hundreds of millions of dollars, all since 2013. Kaspersky Lab, the internet security firm that identified the sophisticated malware plaguing banks, told the New York Times that more than 100 banking institutions throughout 30 nations had fallen victim to the breach, allowing hackers to make off with more than $300 million.
While no institutions have publicly acknowledged being robbed by the Carbanak gang, experts are calling the attack one of the largest bank thefts ever. “This is likely the most sophisticated attack the world has seen to date in terms of the tactics and methods that cybercriminals have used to remain covert,” said Chris Doggett, the managing director of Kaspersky North America.
Pulling off an attack of this size took time. Kaspersky Lab reported how the malware worked its way inside the banks and left with millions.
Banks' internal computers, used by employees who process the daily transfers and conduct bookkeeping, had been remotely infected by surveillance malware, allowing cybercriminals to record the institutions' every move. The malware lurked on the internal systems for months, reporting data, video feeds, images and keystrokes back to the Carbanak gang, allowing them to see how the institutions conducted their daily routines, investigators said.
By observing and studying everyday behaviors, the hackers learned how employees worked, allowing them to easily mimic their actions, which let the massive heist go off without a hitch.
From then on, the group of criminals impersonated bank officials, allowing them to turn on various cash machines and transfer millions of dollars from banks in Russia, Japan, Switzerland, the United States and the Netherlands into various dummy accounts set up in other countries, apparently outside each other's jurisdiction. One Kaspersky client reportedly lost $7.3 million from a single ATM transaction alone, while another lost $10 million through exploitation of the accounting system.
The hackers used various methods to cash out, such as siphoning off cash into several online accounts and taking over ATMs, forcing them to spit out cash while an associate waited nearby, among several other undisclosed methods.
While most theft and fraud target customer accounts, the Carbanak gang steals from the banks directly.
The security firm says it has hard evidence that hackers stole $300 million from clients, and believes the total could be triple that, advancing to nearly $1 billion in total thefts. The projection is impossible to verify, the firm reported, because each theft was limited to $10 million per transaction, though various institutions were hit several times. If hackers went back for seconds, their theft was significantly smaller, presumably to avoid setting off alarms.
Federal officials around the world have been notified of the ongoing breach and properly apprised of the attack. Interpol agents said their digital crimes specialists in Singapore were coordinating an investigation with law enforcement in affected countries. In the Netherlands, the Dutch High Tech Crime Unit, the Dutch National Police division that has investigated some of the world’s most advanced financial cybercrime cases, has been breached as well. The White House and FBI have been briefed on the heist, but say assessing the damages and losses will take time.
Every single financial institution to date has been silent on the ongoing cybertheft, a tactic President Obama has long urged against. Just last month Obama proposed a national data breach disclosure standard, a new law that would require all hacked companies to publicly disclose their breach within 30 days of the company's knowledge of it.
While the hack is widespread and ongoing, banks have been silent on the issue, choosing not to comment publicly, though the Financial Services Information Sharing and Analysis Center (FS-ISAC) states that the industry has been alerted to the breach and its severity.
The worst part of the global banking heist: the attack is still ongoing.