CHINA TOPIX

12/22/2024 10:11:35 pm

Make CT Your Homepage

'Carbanak' Cybercriminals Steal US$1 Billion from 100 Banks

Cyber Security

People pose in front of a display showing the word 'cyber' in binary code,

A total of US$1 billion was stolen from more than 100 banks in 30 countries over the course of two years. The culprits are a gang of cybercriminals with members originating from Russia, Ukraine, and China.

The New York Times recently reported the sophisticated cyberattack aimed at multiple countries.

Like Us on Facebook

Russian computer security company, Kaspersky Lab, helped shed some light on the attack. They spoke about how much the cybercriminals stole, as well as their origins. They dubbed the group "Carbanak".

Kaspersky said the gang used small raids to steal the money. Instead of infiltrating one bank and going for a big haul, the hackers focused on several banks in Russia, Japan, The Netherlands, Switzerland, and the United States.

While most of the stolen money was from Russia, banks in the other countries were also raided for as much as $10 million each.

Kaspersky continues to work with Interpol, Europol, and other relevant authorities from different countries to uncover more details on what they call an unprecedented robbery.

Carbanak takes an unusual approach to their heists. Rather than posing as customers to withdraw money from companies' or individual accounts, they went directly for the banks.

An email was carefully crafted by Carbanak to deceive pre-selected employees into viewing it. Once opened, these emails released malicious files or malware and viruses that infected the bank's computer system. The technique is known as spear phishing.

Once the system was infected, the cybercriminals tracked down the administrators' computers used for video surveillance.

This allowed Carbanak to survey how bank clerks worked, subsequently allowing them to mimic their activity when transferring money.

Apart from siphoning the money, the group also took control of ATM machines remotely and ordered them to dispense cash at a random time, with a member of the group waiting to scoop it all away.

Principal security researcher at Kaspersky, Sergey Golovanov, couldn't help but be in awe of the attack as the bank's different software weren't an issue at all.

"It was a very slick and professional cyberrobbery," Golovanov said.

Real Time Analytics