61°F
weather icon Mostly Cloudy

Hackers rig ATMs, steal $1 billion in massive heist

Hackers have stolen approximately $1 billion in what could be one of the largest bank heists ever, according to a new report from the Internet security firm Kaspersky Lab.

Kaspersky said Sunday it has uncovered how hackers surreptitiously installed spying software on bank computers, eventually learned how to mimic bank employee workflows and used the knowledge to make transfers into bank accounts they had created for this theft.

More than 100 banks were hit, Kaspersky said, and based on the hackers’ practice of stealing between $2.5 million and $10 million from each bank, it estimated “total financial losses could be as a high as $1 billion, making this by far the most successful criminal cyber campaign we have ever seen.”

Kaspersky did not name the banks but said they are institutions located in 25 countries, including the United States.

It also said the “attacks remain active,” and provided tips for bank officials to determine if their computers are vulnerable.

The thieves were Russian, Ukrainian, Chinese and European, Kaspersky said.

The individual thefts involved no more than $10 million apiece.

Kaspersky called the malware “Carbanak” and said it provided the hackers the ability to watch bank employees conduct their business.

“This allowed them to see and record everything that happened on the screens of staff who serviced the cash transfer systems,” Kaspersky said. “In this way the fraudsters got to know every last detail of the bank clerks’ work and were able to mimic staff activity in order to transfer money and cash out.”

After penetrating a bank’s computer systems, the hackers lurked for “two to four months” before striking in one of several ways, like changing an account balance, then transferring the excess funds into their own accounts. They also spewed cash out of ATMs when “one of the gang’s henchmen was waiting beside the machine” to collect the money.

An industry cybersecurity group has “disseminated intelligence on this attack to the members,” according to The New York Times, which first covered the report. The Financial Services Information Sharing and Analysis Center told the Times that “some briefings were also provided by law enforcement entities.”

Don't miss the big stories. Like us on Facebook.
THE LATEST
House lawmaker accuses administration for migrant children’s deaths

A Democratic lawmaker on Wednesday blamed the Trump administration’s border policies for the deaths of migrant children, and the acting head of the Homeland Security Department lashed out at the “appalling accusation.”

Iran doesn’t want war with US , says key Iranian lawmaker

Iran will “under no circumstances” enter a war either directly or indirectly with the United States, a prominent reformist Iranian lawmaker said Wednesday, as both Washington and Tehran try to ease heightened tensions in the region.

‘American Taliban’ Lindh to be released after nearly 20 years

John Walker Lindh, the Californian who became known as the American Taliban after he was captured by U.S. forces in the invasion of Afghanistan in late 2001, is set to go free after nearly two decades in prison.

Probe inconclusive on racist picture in Va. governor’s yearbook

An investigation ordered up by a Virginia medical school failed to determine whether Gov. Ralph Northam is in a 1984 yearbook photo of a man in blackface next to someone in a Ku Klux Klan hood and robe.