One of the largest banking hacks to date has been uncovered recently. Since 2013, a hacker ring based in Russia has stolen nearly $1 billion from 100 banks in 30 countries, including some in the US, according to the Huffington Post.
The hackers used basic phishing schemes by sending emails to bank employees and installing malware on the computers. Then, they collected videos, data, and a screen shots for months to learn how the banks’ systems work. After getting a grasp of the system, hackers would begin transferring money to fake accounts or by programming ATMs to dispense money.
The first clue that something was amiss was in late 2013 when an ATM in Kiev, Ukraine began spewing out cash at random intervals throughout the day but one would come to collect the money, according to PYMTS.com. Security firm Kaspersky Lab was called to investigate the ATM where they uncovered the much larger truth: that dozens of banks’ systems had been infiltrated.
Over the next year, the hackers stole around $10 million from each bank. They were able to go so long undetected because they patiently and methodically transferred money into their accounts. The criminals would watch the bank’s account-checking schedule and wait until the appropriate time to transfer money into an account, then transfer money outside of the bank so the account balances never changed in the eyes of the banks, reports PYMTS.com.
The criminals could still be at work, stealing money from financial institutions. The names of the banks have yet to be disclosed, as the investigation is still on-going.
The director of Kaspersky’s North American operation Chris Doggett told the New York Times that most cyberthefts are like “Bonnie and Clyde,” where criminals break into the systems and take what they can get in a short amount of time but this heist was “much more Ocean’s Eleven.”