A multinational gang of cyber criminals has stolen as much as US$1 billion (A$1.3 billion) from as many as 100 financial institutions around the world in about two years, according to IT security firm Kaspersky Lab.
The company said it was working with Interpol, Europol and authorities from different countries to try to uncover more details on what is being called an unprecedented robbery.
The gang, which Kaspersky dubbed Carbanak, takes the unusual approach of stealing directly from banks, rather than posing as customers to withdraw money from companies’ or individuals’ accounts. It said the gang included cyber criminals from Europe, Russia and Ukraine, as well as China.
Carbanak used carefully crafted emails to trick pre-selected employees into opening malicious software files, a common technique known as spear phishing.
Once activated, the malware provided access to the banks’ internal networks. The criminals were able to install Remote Access Tools (RATs) on administrators’ computers, putting them under secret video surveillance.
This way, Kaspersky said, the criminals learned how the bank clerks worked and could mimic their activity when transferring the money.
In some cases, Carbanak inflated account balances before pocketing the extra funds through a fraudulent transaction. Because the legitimate funds were still there, the account holder would not suspect a problem.
Kaspersky said Carbanak also remotely seized control of ATMs and ordered them to dispense cash at a predetermined time, when a gang member would be waiting to collect the money.
"These attacks again underline the fact that criminals will exploit any vulnerability in any system," Sanjay Virmani, director of Interpol Digital Crime Centre, said in a statement prepared by Kaspersky.
"It also highlights the fact that no sector can consider itself immune to attack and must constantly address their security procedures."