A hacking network has stolen up to $1bn from more than 100 banks and financial institutions around the world in what would be an “unprecedented cyber-robbery”, claims a cyber-security firm.
The hackers are said to be a gang with members in Russia, China and Europe who infiltrated banks’ operating systems and stole up to $10m at a time since 2013, when the attacks started. It is possible that the thefts are continuing, according to a report released by security company Kaspersky Lab.
It said the cyber-robberies had taken place in 30 countries including Russia, U.S., Germany, China, Ukraine and Canada, and Kasperkys had collaborated with Interpol and Europol on the investigation.
“The attacks are unusual because they target the banks themselves rather than customers and their account information,” Vicente Diaz, Kaspersky’s principal security researcher, said.
The hackers spent months learning the banks’ systems once they managed to get access, taking screen shots and videos of employees using their computers. They managed to set up cashpoints to dispense money at specific times or fake accounts to transfer the money into.
"In this case they are not interested in information. They're only interested in the money," Diaz said. "They're flexible and quite aggressive and use any tool they find useful for doing whatever they want to do."
According to the report emails were sent to bank employees that appeared to come from a colleague, which enclosed a link that allowed the hackers to download a code to find the employee who administered the cash transfer systems. One bank is said to have lost $7.3m via these withdrawals.
The Financial Services Information Sharing and Analysis Centre, a body that alerts banks about hacking activity, said that its members had received a briefing about Kaspersky’s report in January.
"We cannot comment on individual actions our members have taken, but on balance we believe our members are taking appropriate actions to prevent and detect these kinds of attacks and minimise any effects on their customers," it said in a statement.