Monday, 16 February 2015

How Hackers Stole $1 Billion From 100 Banks Using Malware

Despite increased online and mobile banking security, banks are more often being targeted by hackers. A hacker group has infiltrated a number of banks and financial institutions in several countries, stealing hundreds of Millions of dollars in possibly the biggest bank heist the world has ever seen.
According to a report published by the New York Times on Saturday, hackers have stolen as much as $1 Billion from more than 100 banks and other financial companies in almost 30 nations, making it "the most sophisticated attack the world has seen to date."

In late 2013, banks in Russia, Japan, Europe, the United States and other countries fell victim to a massive, sophisticated malware hack that allowed the hackers to spy on bank officials in order to mimic their behavior, according to an upcoming report by Kaspersky Labs received by the NY Times.

CARBANAK BANKING MALWARE IN THE WILD
In order to infect bank staffs, the hacker group sent malicious emails to hundreds of employees at different banks. Once open, the email downloads a malware program called Carbanak, that allegedly allowed perpetrators to transfer money from the banks to fake accounts or ATMs monitored by criminals.
CARBANAK BANKING MALWARE
The exact figure of the stolen amount is unclear, though, according to the cybersecurity firm, the total theft could be more than $300 Million. Because, the hackers only swiped $10 million at a time and some banks were targeted more than once.
"This is likely the most sophisticated attack the world has seen to date in terms of the tactics and methods that cybercriminals have used to remain covert," Chris Doggett, manager of Kaspersky's North American office in Boston, told the Times.
However, the cyber security firm does not name the banks and financial institutions involved in the massive theft operation in its report. But, the interesting part is that no banks have come forward to reveal that they have been hacked in this largest theft.
CARBANAK BANKING MALWARE
HISTORY OF CYBER HEIST
This is not first time when hackers have made banks and financial institutions as their target. In past, they had carried out a number of bank crimes. The list is given below:
  • In March, 2012 - A Russian hacker was sentenced to two years in US prison for his involvement in a global bank Million Dollar Fraud scheme that used hundreds of phony bank accounts to steal over $3 million from dozens of U.S.accounts. He was responsible for the Zeus banking malware that was used to carry out the fraud.
  • In October, 2012 - FBI arrested 14 people who used cash advance kiosks at casinos located in Southern California and Nevada and robbed over $1 million from Citibank.
  • In May, 2013 - A gang of cyber-criminals operating in 26 countries stole $45 Million by hacking into the database of prepaid debit cards, making it the biggest bank robbery in the history.
  • In July, 2013 - A hacker group allegedly broke into the computer networks of more than a dozen of major American and International corporations and stole 160 million credit card numbers over the course of 7 years, making it the largest data theft case ever prosecuted in the U.S.
  • In October, 2013 - The Dutch police arrested four people who used TorRat Malware to target two out of three major Banks in the Netherlands and stole over Millions of Dollars from Banking Accounts.
Source;
The Hackers News

No comments: