A hacker group has stolen as much as $1 billion from banks and other financial companies worldwide since 2013 in an “unprecedented cyber-robbery,” according to computer security firm Kaspersky Lab.
The gang targeted as many as 100 banks, e-payment systems and other financial institutions in 30 countries including the U.S, China and European nations, stealing as much as $10 million in each raid, Kaspersky Lab, Russia’s largest maker of antivirus software, said in a report. The Carbanak gang members came from Russia, China, Ukraine and other parts of Europe, and they are still active, it said.
The criminals infected bank employees’ computers with Carbanak malware, which then spread to internal networks and enabled video surveillance of staff. That let fraudsters mimic employee activity to transfer and steal money, according to Kaspersky Lab, which said it has been working with Interpol, Europol and other authorities to uncover the plot.
“These bank heists were surprising because it made no difference to the criminals what software the banks were using,” said Sergey Golovanov, principal security researcher at Kaspersky Lab’s global research and analysis team. “It was a very slick and professional cyber-robbery.”
Criminals also used access to banks’ networks to seize control of ATMs and order them to dispense cash at certain times to henchmen, Kaspersky Lab said. In some cases the gang inflated the balance of certain accounts and pocketed the extra funds without arousing immediate suspicion, according to the report.
U.S. President Barack Obama convened a national summit on Friday to encourage cooperation between federal and private security specialists to combat hackers and data breaches. The event included executives and security officials from companies such as Microsoft Corp., Google Inc., Yahoo! Inc. and Facebook Inc., and followed hacks at companies including Sony Pictures Entertainment and JPMorgan Chase & Co. last year.