Cyber-gang suspects arrested over billion-euro ATM hacks
Spanish police have apprehended the alleged mastermind of a gang of cyber criminals believed to have stolen over €1bn (£870m) from financial institutions around the world. The move is part of a five-year international investigation into the thefts.
A Ukrainian named only as Denis K was arrested in the coastal city of Alicante, 220 miles south-east of Madrid, according to Spanish police and Europol. Three suspected accomplices, said to be Russian and Ukrainian, were also arrested.
The cyber gang under investigation has reportedly been working on the money-making scheme for five years. Its members used malware to target more than 100 financial institutions worldwide, sometimes stealing up to €10m in each heist. Almost all of Russia’s banks were targeted, with around 50 of them losing money in the attacks, authorities said.
The gang sent phishing emails with a malicious attachment to bank workers, Europol said. The software gave the gang remote control of infected machines, providing them with access to the internal banking network and infecting servers controlling ATMs.
ATMs were instructed to dispense cash at a pre-determined time and the money was collected by organised crime groups supporting the main gang.
The gang converted its illicit gains into bitcoins and used the cryptocurrency to purchase assets in Spain, including houses and vehicles.
In Ukraine, police said an unidentified 30-year-old man linked to the gang was co-operating with authorities.
Ross Rustici, a senior director at Boston-based digital security firm Cybereason, said the gang stood out from others because of the amount of care and planning it put into operations.
“They’re unusual in how slow and methodical they are and how organised they are,” he said.
Other groups use similar techniques in isolation, “but nobody before them had strung all those things together on such a scale”.
Rustici said it seemed likely the gang members botched their effort to launder their ill-gotten gains.
“That’s usually what happens with these who are very good on the network side, they make mistakes on the money side,” he said. “You can’t buy a nice villa on the Mediterranean with cryptocurrency. Or at least not yet.”