An ATM keypad. Hackers are believed to have infiltrated dozens of banks and even programmed ATMs to dispense money at specific times.
[From article]
The bank’s internal computers, used by employees who process daily transfers and conduct bookkeeping, had been penetrated by malware that allowed cybercriminals to record their every move. The malicious software lurked for months, sending back video feeds and images that told a criminal group — including Russians, Chinese and Europeans — how the bank conducted its daily routines, according to the investigators.
Then the group impersonated bank officers, not only turning on various cash machines, but also transferring millions of dollars from banks in Russia, Japan, Switzerland, the United States and the Netherlands into dummy accounts set up in other countries.
[. . .]
“The goal was to mimic their activities,” said Sergey Golovanov of Kaspersky, about how the thieves targeted bank employees.
In many ways, this hack began like any other. The cybercriminals sent their victims infected emails — a news clip or message that appeared to come from a colleague — as bait. When the bank employees clicked on the email, they inadvertently downloaded malicious code. That allowed the hackers to crawl across a bank’s network until they found employees who administered the cash transfer systems or remotely connected A.T.M.s.
Then, Kaspersky’s investigators said, the thieves installed a “RAT” — remote access tool — that could capture video and screenshots of the employees’ computers.
“The goal was to mimic their activities,” said Sergey Golovanov, who conducted the inquiry for Kaspersky Lab. “That way, everything would look like a normal, everyday transaction,” he said in a telephone interview from Russia.
The attackers took great pains to learn each bank’s particular system, while they set up fake accounts at banks in the United States and China that could serve as the destination for transfers. Two people briefed on the investigation said that the accounts were set up at J.P. Morgan Chase and the Agricultural Bank of China.
[. . .]
But the largest sums were stolen by hacking into a bank’s accounting systems and briefly manipulating account balances. Using the access gained by impersonating the banking officers, the criminals first would inflate a balance — for example, an account with $1,000 would be altered to show $10,000. Then $9,000 would be transferred outside the bank. The actual account holder would not suspect a problem, and it would take the bank some time to figure out what had happened.
Method:
Hackers send email containing a malware program called Carbanak to hundreds of bank employees, hoping to infect a bank’s administrative computer.
Programs installed by the malware record keystrokes and take screen shots of the bank’s computers, so that hackers can learn bank procedures. They also enable hackers to control the banks’ computers remotely.
By mimicking the bank procedures they have learned, hackers direct the banks’ computers to steal money in a variety of ways:
Transferring money into hackers’ fraudulent bank accounts
Using e-payment systems to send money to fraudulent accounts overseas
Directing A.T.M.s to dispense money at set times and locations
http://www.nytimes.com/2015/02/15/world/bank-hackers-steal-millions-via-malware.html?_r=0
Bank Hackers Steal Millions via Malware
By DAVID E. SANGER and NICOLE PERLROTH New York Times FEB. 14, 2015
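As an added illustration (not part of the quoted article or of Kaspersky's report), the Python below shows one defensive check against the balance manipulation described in the excerpt above: rebuild each account's balance from posted ledger entries only, compare it with the stored balance, and flag outbound transfers that real funds cannot cover. The account names, event format and `reconcile` function are assumptions, and the sample data is constructed from the article's $1,000 / $10,000 / $9,000 example.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample data: opening balances and a time-ordered event stream
# from a hypothetical core-banking log. Format: (kind, account, amount, dest).
OPENING = {"ACCT-A": Decimal("1000"), "ACCT-B": Decimal("2500")}
EVENTS = [
    ("posted", "ACCT-B", Decimal("400"), None),            # deposit backed by a ledger entry
    ("snapshot", "ACCT-B", Decimal("2900"), None),         # stored balance matches the ledger
    ("snapshot", "ACCT-A", Decimal("10000"), None),        # stored balance altered, no posting
    ("transfer_out", "ACCT-A", Decimal("9000"), "EXT-1"),  # inflated amount leaves the bank
    ("snapshot", "ACCT-A", Decimal("1000"), None),         # looks normal to the account holder
    ("transfer_out", "ACCT-B", Decimal("300"), "EXT-2"),   # covered by real funds
]


def reconcile(opening, events):
    """Return findings where stored balances diverge from the posted ledger."""
    ledger = defaultdict(Decimal, opening)  # balance derived only from postings
    findings = []
    for kind, acct, amount, dest in events:
        if kind == "posted":
            ledger[acct] += amount
        elif kind == "snapshot":
            gap = amount - ledger[acct]
            if gap != 0:
                # Stored balance cannot be explained by any posted transaction.
                findings.append({"type": "unexplained_balance",
                                 "account": acct, "gap": gap})
        elif kind == "transfer_out":
            if amount > ledger[acct]:
                # Transfer depends on money the ledger never received.
                findings.append({"type": "unbacked_transfer", "account": acct,
                                 "dest": dest,
                                 "shortfall": amount - ledger[acct]})
            ledger[acct] -= amount
    return findings


if __name__ == "__main__":
    for finding in reconcile(OPENING, EVENTS):
        print(finding)
```

The final snapshot of ACCT-A shows the original $1,000, which is why the account holder notices nothing; only the comparison against the ledger-derived balance still exposes the gap.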
* * *
[From article]
The Financial Services Information Sharing and Analysis Center, a nonprofit that alerts banks about hacking activity, said in a statement that its members received a briefing about the report in January.
http://www.theguardian.com/technology/2015/feb/16/hackers-steal-1bn-in-online-bank-thefts-says-report
Hackers steal $1bn in series of online bank thefts says report
Security firm says hackers infiltrated more than 100 banks and ‘watched’ employees to gain knowledge of systems
Associated Press
Sunday 15 February 2015 22.19 EST