In what is appearing to be one of the largest bank thefts across the globe, hackers have managed to steal over $300 million from more than 100 banks in 30 different countries. The new comes from a Kaspersky Labs report given to the New York Times, which explains a large-scale, sophisticated malware was used since 2013 to siphon the money from financial institutions. No banks have officially come forward to disclose the security breaches, but victims include those in Russia, the U.S., Europe, and Japan.
A North American manager for Kaspersky told the Times “this is likely the most sophisticated attack the world has seen to date in terms of the tactics and methods that cybercriminals have used to remain covert.” The attack is described as being a long, drawn-out process, involving the infection of bank computers, usage of surveillance software, and spying on bank employees in order to copy their behavior and not leave signs of missing funds.
Once the hackers had access to the bank systems, part of which was granted by tricking employees to install the virus via forged emails, they were able to carry out transactions that would appear as common, everyday instances. Thefts were also limited to $10 million at a time, although some banks were hit more than once. When it came time to getting cash out, money would be forwarded to dummy accounts, or sometimes even sent to ATMs that were under the criminals’ control.
Kaspersky, a security research firm, says that the banks who have fallen victim have all been made aware of the hackings, but they aren’t able to release names due to non-disclosure agreements. A majority of the banks are said to be in Russia, but sadly the attacks are still ongoing in a number of situations. Kaspersky’s full analysis is set to be released on Monday.
SOURCE New York Times