NEWS
NEWS
NEWS
Kaspersky: hackers steal at least $300 million from banks using malware
When many think bank robberies they may think of balaclava-wearing crooks with shot guns terrorising bank employees, but in 2015 bank robbery is a far more subtle affair involving multi-national crime gangs hacking into bank systems using malware.
In a report to be published Monday, security firm Kaspersky details malware attacks that have stolen at least $300 million from over 100 financial institutions in 30 countries.
The majority of the targets were in Russia, but many were in Japan, the United States and Europe.
The criminals use a two-step method to infiltrate their targets: after initially tricking bank employees into installing malware (Carbanak) through spoofed email, they then spy on staff in order to mimic their behavior and prevent any telltale signs that the money they are attempting to access is being done so by people outside of the banks.
To access funds, most attacks attempted to transfer the money to an outside account, although in some cases attacks would send cash to ATMs monitored by the criminals involved.
Though, Kaspersky noted the $300 million headline figure could be at least three times higher again; the criminals were limited to transactions no higher that $10 million per attack, and some banks had been hit multiple times making it difficult to measure just how much had been stolen over time. In other cases there were many smaller transactions which may not have alerted bank systems.
With some of those small fraudulent transactions, customers in particular may have never noticed their accounts being accessed. The hackers would change the balance on an account with $1000 to $10,000, then transfer the additional $9,000 to an external bank account.
“These attacks again underline the fact that criminals will exploit any vulnerability in any system,” Sanjay Virmani, director of Interpol Digital Crime Center, told Reuters. “It also highlights the fact that no sector can consider itself immune to attack and must constantly address their security procedures.”
photo credit: Portrait of a boy wearing a mask holding a rifle via photopin (license)
Since you’re here …
… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.
