Cyberattack Hits 100 Banks, up to $1 Billion Stolen (Feb. 17, 2015)
Hackers may have made off with as much as $1 billion in a series of attacks on more than 100 banks and financial institutions in 30 nations. In a new report, cybersecurity provider Kaspersky Lab said it first identified the hack in late 2013, when the firm was called in by a bank in Ukraine to investigate money stolen from its ATMs. Kaspersky soon discovered a much larger breach. The bank’s computers had been infected with malware that enabled the hackers—known as Carbanak, for the software they used—to record via remote access tools the activity of bank employees.
According to Kaspersky, the malware was sent via phishing emails that appeared to come from within the bank’s network and included attachments with malicious code. Once the malware was installed, the attackers studied the bank’s network and eventually gained access to administrators’ computers, from which they initiated fraudulent transactions, including transfers to dummy bank accounts and cash disbursements at ATMs. Individual bank customers were not affected; the hackers would inflate balances and steal only the inflated funds, so the customer wouldn’t notice anything amiss, Kaspersky said. From the initial Ukrainian bank, Kaspersky’s investigation expanded to include more than 100 banks, mostly in Eastern Europe, but also banks in the U.S., Germany and China. Recently, the still active Carbanak group has expanded to Asia, the Middle East and Africa, the firm said.
For a video explaining more about the Carbanak attack, click here.
See related stories: