Hackers steal up to $1 billion from banks through malware “Carbanak”

Imagine standing in front of an ATM machine that suddenly starts to dispense money. That’s apparently what sparked a large investigation the end of 2013. It has now been discovered that this was part of what may be the largest bank theft ever.

“In late 2013, an A.T.M. in Kiev started dispensing cash at seemingly random times of day. No one had put in a card or touched a button. Cameras showed that the piles of money had been swept up by customers who appeared lucky to be there at the right moment.” reported the New York Times.

10777282_sKaspersky Lab revealed on Saturday that a multinational gang of cyber criminals has stolen up to $1 billion from as many as 100 financial institutions around the world in a few years time. Attacks on ATM machines or individual bank accounts are quite common nowadays. This time the criminals took the unusual approach of stealing directly from banks by targeting bank employee’s computers. The hackers sent emails to hundreds of bank employees that included a malicious link. Once clicked on, a malware program called Carbanak would install which allowed the hackers to get onto the bank’s internal network and spy on the staff’s activities. The malware program recorded keystrokes and took screen shots of the bank’s computers, so that hackers could learn bank procedures and get access to the bank’s administrative system.

Controlling ATM machines remotely was on of the methods

The hackers then stole money from the bank in a few different methods that are known so far:

  • Directing ATM machines to dispense money at set times and locations, where a gang member would wait to collect.
  • Transferring money into hacker’s fraudulent bank accounts
  • Using online payment systems to send money to fraudulent accounts worldwide
  • Inflating account balances of individual accounts before pocketing the extra money, so that the account holder would not suspect a problem.

No bank has come forward yet to acknowledge the theft

The majority of the targets were in Russia, but also many in the US, Japan and Europe. According to the New York Times, no bank has come forward acknowledging the theft, a common problem that US President Obama addressed recently. The full report will be published by the New York times this Monday. Kaspersky Lab says that the scope of this attack on more than 100 banks and other financial institutions in 30 nations could make it one of the largest bank thefts ever. The affected banks are aware of what’s going on, but Kaspersky says it can’t name them because of non-disclosure pacts.

Kaspersky said it’s working with Interpol, Europol and authorities from different countries to try to uncover more details on what it being called an unprecedented robbery. While it’s always a good idea to keep an eye out for suspicious bank account activity, you now have an even better reason to be cautious. More details will most likely be revealed this week, after the full report has been published.

Have a great (malware-free) day!

  • Tempus

    I guess that the employees of the Banks which have been exposed to this malicious program, is in short of: Proper education of personnel, and an open damage control strategy,… and of course Emsisoft anti malware on every pc ;-) , where the behavior blocker might would have given the bank(s) a better chance to catch the malware, LOL =))