A group of hackers reportedly stole US$1 billion from various banks and financial institutions around the world. It is estimated that the hacker group broke into at least 100 bank accounts from 30 countries worldwide.
The hacking operation carried out by the hacker group called Carbanak is known to have taken about two years. Kaspersky Lab revealed several scenarios that Carbanak employed during its hacking attempts, ultimately resulting in the theft of US$1 billion.
Sergey Golovanov, Principal Security Researcher at the Kaspersky Lab Global Research and Analysis Team, stated that this cyber bank robbery is quite shocking. He believes that the software used by the criminals is indistinguishable from that used by the banks themselves.
"The criminals didn't even need to hack into the bank's services; once they gained access to the network, they learned how to conceal their malicious activities behind legitimate actions. It was a very slick and professional cyber robbery," said Golovanov.
How did these online bank robbers execute their scheme? Here's the information.
Firstly
The Most Feared Hackers in the World
Their names are renowned in the hacking world. Who are they?
First, they would withdraw the cash obtained from the bank hacking carried out by Carbanak using online banking systems or international e-payment methods. Carbanak transferred money from bank accounts to their own accounts.
It is believed that the stolen money was deposited into banks located in China or America. However, experts suggest that banks in other countries may also have been used as recipient banks.
Secondly, in other cases, the hackers used bank account holders as shields and attacked the core of the accounting system. They inflated account balances before pocketing additional funds through fraudulent transactions.
They even manipulated the account holders they exploited, ensuring that they remained unaware that they were being used to carry out a heist by the hackers.
For instance, if a bank account had US$1,000, these criminals would change it to US$10,000 and transfer US$9,000 to their own accounts. The account holder wouldn't suspect any issue because the balance remained unchanged at US$1,000.
Thirdly, this method might be slightly more traditional compared to other hacking schemes. The cybercriminals took control of bank ATMs and instructed them to dispense cash at predetermined times.
When the payment was due, one of the criminal gang's members would wait beside the machine to collect the payment, which could be considered a 'voluntary' disbursement.
Comments0