Five Arrested For Large Scale Bank Hacking

Law enforcement authorities from Europe and Asia have arrested five members of an international Cyber-criminal group that specialised in hacking into automated teller machine (ATMs).

The investigation began in early 2016, according to Europol. Three suspects were arrested in Taiwan, one in Romania, and one in Belarus. Most of them had multiple citizenships and could travel easily between countries, the agency says. 

Hacking into ATMs to steal money is nothing new, and there are malware programs built specifically for such machines that allow criminals to withdraw money using hidden commands.

To infect ATMs with such malware most attackers either receive help from bank insiders or buy service keys that can be used to open the front panels of ATMs and access their communications ports.

However, the gang targeted by this law enforcement investigation had a different modus operandi. They used spear-phishing to target bank employees and penetrate the banks' internal networks. They then located and hacked into the ATM network segment from the inside.

Targeting and compromising financial institutions instead of their customers is a more recent technique. A year ago, researchers from antivirus vendor Kaspersky Lab warned about three cybercrime groups that hacked into banks' computer networks.

Some of them can wait for months or even a year inside a compromised network before they start stealing money, during which they carefully observe and gather information about the target's internal procedures, money moving processes, and key employees.

One such gang dubbed Carbanak stole between $500 million and $1 billion from hundreds of financial institutions in at least 30 countries.

Compared to Carbanak, the losses to banks caused by the five arrested suspects are estimated at around $3.2 million. Two of them have already been convicted, Europol said. It's unclear when all of the arrests happened.

Computerworld

UK Fraud Hits £1.1bn As Cyber Crime Soars:           Lloyds Bank Cyber Attack

 

« Cyberwarfare: Borders Offer No Defense
Businesses Are Saving Time & Money With AI »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Intrinsic-ID

Intrinsic-ID

Intrinsic-ID's authentication technology creates unique IDs and keys to authenticate chips, data, devices and systems.

Telos

Telos

Telos offers cybersecurity solutions and services that empower and protect the world’s most security-conscious enterprises.

AVR International

AVR International

AVR educate, advise, analyse and provide professional, technical consultancy and support to ensure your business is safe, compliant and protected.

S2 Grupo

S2 Grupo

S2 Grupo is the benchmark company in Europe and Latin America, for Cyber Intelligence and mission critical systems operations.

Haystax Technology

Haystax Technology

Haystax’s security analytics platform applies artificial intelligence techniques to identify and prioritize threats in real time.

Information Network Security Agency (INSA) - Ethiopia

Information Network Security Agency (INSA) - Ethiopia

INSA's vision is to realize a globally competent National Cyber capability which plays a key role in protecting the national interests of Ethiopia.

Aves Netsec

Aves Netsec

Aves is a deceptive security system for enterprises who want to capture, observe and mitigate bad actors in their internal network.

BetterCloud

BetterCloud

BetterCloud puts IT in control of the modern workplace through user lifecycle management, data discovery, and IT and security automation purpose-built for SaaS.

Irish National Accreditation Board (INAB)

Irish National Accreditation Board (INAB)

INAB is the national accreditation body for Ireland. The directory of members provides details of organisations offering certification services for ISO 27001.

Brighterion

Brighterion

Brighterion solutions stop payment and acquirer fraud, reduce credit risk and delinquency, fight financial crime, prevent healthcare fraud, waste and abuse, and more.

Security Risk Management (SRM)

Security Risk Management (SRM)

SRM provide a comprehensive security risk management service encompassing people, processes, technology, governance, compliance and risk management.

FourthRev

FourthRev

FourthRev is an education-technology start-up with a mission to solve the skills crisis of the Fourth Industrial Revolution.

Commvault

Commvault

Commvault's data protection and information management solutions help companies protect, access and use all of their data, anywhere and anytime.

Helix Security Services

Helix Security Services

Helix Security provides IT & information security consultancy to government and businesses across New Zealand.

TrafficGuard

TrafficGuard

TrafficGuard is an award-winning digital ad verification and fraud prevention platform.

FoxPointe Solutions

FoxPointe Solutions

FoxPointe Solutions is a full-service cyber risk management and compliance firm.