Five Arrested For Large Scale Bank Hacking

Law enforcement authorities from Europe and Asia have arrested five members of an international Cyber-criminal group that specialised in hacking into automated teller machine (ATMs).

The investigation began in early 2016, according to Europol. Three suspects were arrested in Taiwan, one in Romania, and one in Belarus. Most of them had multiple citizenships and could travel easily between countries, the agency says. 

Hacking into ATMs to steal money is nothing new, and there are malware programs built specifically for such machines that allow criminals to withdraw money using hidden commands.

To infect ATMs with such malware most attackers either receive help from bank insiders or buy service keys that can be used to open the front panels of ATMs and access their communications ports.

However, the gang targeted by this law enforcement investigation had a different modus operandi. They used spear-phishing to target bank employees and penetrate the banks' internal networks. They then located and hacked into the ATM network segment from the inside.

Targeting and compromising financial institutions instead of their customers is a more recent technique. A year ago, researchers from antivirus vendor Kaspersky Lab warned about three cybercrime groups that hacked into banks' computer networks.

Some of them can wait for months or even a year inside a compromised network before they start stealing money, during which they carefully observe and gather information about the target's internal procedures, money moving processes, and key employees.

One such gang dubbed Carbanak stole between $500 million and $1 billion from hundreds of financial institutions in at least 30 countries.

Compared to Carbanak, the losses to banks caused by the five arrested suspects are estimated at around $3.2 million. Two of them have already been convicted, Europol said. It's unclear when all of the arrests happened.

Computerworld

UK Fraud Hits £1.1bn As Cyber Crime Soars:           Lloyds Bank Cyber Attack

 

« Cyberwarfare: Borders Offer No Defense
Businesses Are Saving Time & Money With AI »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

APMG International (APM Group)

APMG International (APM Group)

APM Group is a global accreditation, certification and examination body specializing in certification schemes for individuals, organizations and software.

GreatHorn

GreatHorn

GreatHorn offers the only cloud-native security platform that stops targeted social engineering and phishing attacks on communication tools like O365, G Suite, and Slack.

Plixer

Plixer

Plixer delivers a network traffic analytics system used for monitoring, visualization, and reporting of network and security incidents.

Post-Quantum

Post-Quantum

Post-Quantum offer a unique, patented quantum-resistant encryption algorithm that can be applied to existing products and networks.

CynergisTek

CynergisTek

CynergisTek is a top-ranked cybersecurity and information management consulting firm dedicated to serving the healthcare industry.

CyberGreen Institute

CyberGreen Institute

The CyberGreen Institute is a global non-profit and collaborative organization conducting activities focused on helping to improve the health of the global Cyber Ecosystem.

Tenfold Software

Tenfold Software

Tenfold is the unique, centralized platform for managing user and permissions efficiently and automatically.

Ziroh Labs

Ziroh Labs

Ziroh Labs leverages advanced cryptography to keep your highly sensitive, private data safe throughout the lifecycle of data.

FifthDomain

FifthDomain

We are a specialist cyber security education and training company tackling the global cyber security skills shortage.

Caveonix

Caveonix

Caveonix’s RiskForesight TM solution is an automated, proactive risk and compliance platform designed for hybrid and multi-cloud.

HMS Networks

HMS Networks

HMS stands for Hardware meets Software. Our technology enables industrial hardware to communicate and share information with software and systems.

ShieldApps

ShieldApps

ShieldApps comprehensive suite of products is designed to protect your personal devices from privacy threats, including hacking attempts, online tracking, fingerprinting, phishing, malware, and more.

Syracom

Syracom

syracom is a consultancy firm specialized in development of efficient business processes. With our expertise and IT competence, we develop tailored solutions for customers in various industries.

Raxis

Raxis

Raxis is a cybersecurity company that hacks into computer networks and physical structures to perform penetration tests, assessing corporate vulnerability to real-world threats.

Maintel

Maintel

Maintel provides cloud and managed communications services. We help our customers to deliver exceptional customer experiences, and to securely access their applications and their data.

Cybercentry

Cybercentry

Cybercentry is a specialist information security, data protection and cyber security consultancy.