Menu
Share
Share this story
Close X
 
Switch to Desktop Site

Hackers stole $1 billion in high-tech bank heists, researchers say

(Read article summary)
View video

Gene J. Puskar/AP/File

(Read caption) A person inserts a debit card into an ATM in Pittsburgh. Over a two-year span, a group of hackers attacked banks, e-payment systems and other financial institutions, according to Kaspersky Labs, which has been working with law-enforcement agencies including Interpol.

View photo

An advanced hacking campaign against dozens of large banking institutions has hauled in as much as $1 billion, security researchers say.

Over nearly two years, the so-called Carbanak hacking group — named for the malware they use — attacked banks, e-payment systems and other financial institutions, according to Kaspersky Labs, which has been working with law-enforcement agencies including Interpol.

About these ads

No individual users were targeted, according to the security firm, only the financial institutions themselves.

“One way or another, the criminals stripped each victim bank of $2.5 million to $10 million – the amount looks striking even when assessed individually,” Kaspersky’s Alex Drozhzhin wrote in a blog post Monday. “Considering that dozens – up to one hundred – of organizations lost their funds due to the APT (advanced persistent threat) attack, the cumulative loss might well total to a stunning $1 billion.”

Kaspersky says it was hired by one of the institutions, a Russian bank, after it had noticed the attack.

According to Drozhzhin, hackers used phishing attacks to lure users of the banks’ computer networks into installing malware into those systems. They took control over the compromised machines, then used them to infect other machines in the networks, seeking out computers that could be used to access critical information and  make financial transactions, according to the post.

They withdrew funds using methods that included withdrawing money into fake bank accounts and even sending remote messages to ATMs, making them start spewing out money.

“On average, it took from two to four months to drain each victim bank, starting from the Day 1 of infection to cash withdrawal,” Drozhzhin wrote.

Kaspersky did not identify the institutions that were attacked, but said “severe losses” have been sustained in countries including the United States, Russia, Germany, China and Ukraine, with newer operations sprouting up in Malaysia, Nepal, Kuwait and several African countries.

About these ads

To avoid phishing attacks like the one used by Carbanak, Kaspersky and other security experts advise Web users to never open suspicious emails, especially those that contain attachments, and to regularly update the software they use. The Carbanak attack exploited bugs that had been fixed in the most up-to-date versions of the software that was attacked.


Follow Stories Like This
Get the Monitor stories you care about delivered to your inbox.