Five Arrested For Large Scale Bank Hacking

Law enforcement authorities from Europe and Asia have arrested five members of an international Cyber-criminal group that specialised in hacking into automated teller machine (ATMs).

The investigation began in early 2016, according to Europol. Three suspects were arrested in Taiwan, one in Romania, and one in Belarus. Most of them had multiple citizenships and could travel easily between countries, the agency says. 

Hacking into ATMs to steal money is nothing new, and there are malware programs built specifically for such machines that allow criminals to withdraw money using hidden commands.

To infect ATMs with such malware most attackers either receive help from bank insiders or buy service keys that can be used to open the front panels of ATMs and access their communications ports.

However, the gang targeted by this law enforcement investigation had a different modus operandi. They used spear-phishing to target bank employees and penetrate the banks' internal networks. They then located and hacked into the ATM network segment from the inside.

Targeting and compromising financial institutions instead of their customers is a more recent technique. A year ago, researchers from antivirus vendor Kaspersky Lab warned about three cybercrime groups that hacked into banks' computer networks.

Some of them can wait for months or even a year inside a compromised network before they start stealing money, during which they carefully observe and gather information about the target's internal procedures, money moving processes, and key employees.

One such gang dubbed Carbanak stole between $500 million and $1 billion from hundreds of financial institutions in at least 30 countries.

Compared to Carbanak, the losses to banks caused by the five arrested suspects are estimated at around $3.2 million. Two of them have already been convicted, Europol said. It's unclear when all of the arrests happened.

Computerworld

UK Fraud Hits £1.1bn As Cyber Crime Soars:           Lloyds Bank Cyber Attack

 

« Cyberwarfare: Borders Offer No Defense
Businesses Are Saving Time & Money With AI »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity provide solutions for Secure Networks, Secure Communications, Network Analysis, and Endpoint Security.

Combitech

Combitech

Combitech is the Nordic region’s leading cyber security consultancy firm, with about 260 certified security consultants helping companies and authorities prevent and manage cyber threats.

ProPay

ProPay

ProPay provides secure payment solutions for organizations ranging from small businesses to large enterprises requiring complex payment solutions.

Detack

Detack

Detack is an independent supplier of IT security auditing and consulting services.

IT Security House

IT Security House

IT Security House is a leading European supplier of Cyber Security Intelligence and eCrime services.

NewGens

NewGens

NewGens is a solution and service provider to banking institutions in the APAC region. Areas of expertise include cybersecurity, AML, fruad prevention, compliance and risk management.

Netsurion

Netsurion

Netsurion powers secure and agile networks for highly distributed and small-to-medium enterprises and the IT providers that serve them.

Cybermerc

Cybermerc

Cybermerc's services, training programmes and cyber security solutions are designed to forge collaborations across industry, government and academia, for collective defence of our digital borders.

FCI

FCI

FCI is a NIST-Based Managed Security Service Provider (MSSP) offering Cybersecurity Compliance Enablement Technologies & Services to Financial Services organizations.

SensCy

SensCy

SensCy is a Trusted Guide for Sensible Cybersecurity for small and medium-sized organizations.

InterSec Inc.

InterSec Inc.

InterSec Inc. is a cybersecurity company that offers a variety of services to small and medium-sized businesses including CMMC Compliance, Program Management, Governance, & Cybersecurity.

Brennan IT

Brennan IT

For over 25 years, Brennan’s expert team has helped businesses achieve real success through innovative and secure technology solutions.

Neosoft

Neosoft

Néosoft is an independent digital transformation consulting group with expertise in Consulting & Agility, Cybersecurity, Data, DevOps, Infrastructure & Cloud and Software Engineering.

ThreatDown

ThreatDown

ThreatDown, powered by Malwarebytes, is on a mission to overpower threats and empower IT by removing the complexity of detecting and stopping today’s most advanced threats.

Knostic

Knostic

Knostic is an early stage startup developing a risk management and governance platform designed for enterprise large language models (LLM).

Cyber Qubits

Cyber Qubits

Cyber Qubits is a cybersecurity training and consulting company focused on developing the next generation of cybersecurity professionals.