A cyber-crime ring has stolen almost $1bn (£648m) from banks and financial institutions in 30 countries over the past two years, in one of the world’s biggest bank heists to date, according to security firm Kaspersky Lab.
The “unprecedented” thefts were carried out using malware that infected the internal systems of up to 100 organisations, mostly in Russia, but also in countries including the US, Germany, China, the Ukraine and Canada, according to the firm.
A gang with members in Russia, the Ukraine and China used information obtained by the malware to transfer funds to accounts in other countries or to cause cash machines to dispense funds at predetermined times, according to Kaspersky.
The thefts were limited to $10m per incident, but Kaspersky said it has seen evidence of at least $300m in stolen funds caused by the gang, and said the total so far could be up to $1bn.
One bank lost $7.3m through cash machine withdrawals alone, according to the report.
In the report, Kaspersky said the thefts mark a new stage of sophistication in cyber-crime in which “malicious users steal money directly from banks and avoid targeting end users”.
On average, each theft took between two and four months, as the criminals patiently studied the target’s routines, so that the theft would not attract notice, Kaspersky said.
The criminals used booby-trapped emails to infect users’ computers with the Carbanak malware, which allowed them to install software that could send back video and screenshots of a users’ screens.
“These attacks again underline the fact that criminals will exploit any vulnerability in any system,” stated Sanjay Virmani, director of Interpol’s digital crime centre, which worked with Kaspersky on the investigation.
No affected bank has come forward so far to acknowledge a theft, and Kaspersky said its nondisclosure agreements with clients don’t permit it to name the organisations involved.
The Financial Services Information Sharing and Analysis Centre, an industry consortium that alerts banks about criminal activity, said members were briefed about Kaspersky’s report last month.
“We cannot comment on individual actions our members have taken, but on balance we believe our members are taking appropriate actions to prevent and detect these kinds of attacks and minimise any effects on their customers,” the group said in a statement.
Are you a security pro? Try our quiz!
Bad news for Tim Cook, as Counterpoint records 19 percent fall in iPhone sales in…
TikTok pledges to challenge 'unconstitutional' US ban in the courts, after President Joe Biden signs…
British regulator invites feedback on major partnerships Microsoft and Amazon have struck with smaller AI…
Another 20 staff have been fired by Google over Israel protest and their “completely unacceptable…
Censorship row brewing down under, after the Australian Prime Minister calls Elon Musk an 'arrogant…
Financial regulator asks New York judge to impose $5.3 billion in fines against Terraform Labs…