× Digital News Videos Weird News Health & Science Sunday Magazine Lifestyle Opinion Education Columns Moi Cabinets Arts & Culture Special Reports Fact Check E-Paper Lifestyle & Entertainment Nairobian Entertainment Eve Woman Travelog TV Stations KTN Home KTN News BTV KTN Farmers TV Radio Stations Radio Maisha Spice FM Vybez Radio Enterprise VAS E-Learning Digger Classified Games Crosswords Sodoku The Standard Group Corporate Contact Us Rate Card Vacancies DCX O.M Portal Corporate Email RMS

Criminal gang that has robbed up to 100 banks in two years

By Mirror | February 16th 2015 at 14:39:27 GMT +0300

Cybercriminals have stolen $1 billion (£650 million) from up to 100 banks worldwide in an unprecedented heist that security researchers have described as "very slick and professional".

The attacks, which have been taking place since 2013, are still ongoing.

The Carbanak criminal gang - believed to be an international group spanning Ukraine, Russia and China - uses a range of digital weapons to execute the attacks involving the theft of up to $10 million at a time.

Attacks are meticulously planned, taking up to four months from the point of infecting a computer through to making off with the cash.

The cyber-thieves gain access to the network and then mimic the legitimate actions of staff in order to pilfer funds.

Read More

The gangs infiltrate banks using "spear phishing" attacks, where targeted emails containing malicious software are sent to bank employees.

Once the victim's computer was infected, the gang could gain access to the network and track down administrators’ machines.

The gang uses these machines to monitor the activity on the screens of staff working on cash transfer systems - allowing cybercriminals to learn how different bank clerks behaved before mimicking their activity to transfer funds into their own accounts.

The cyber fraudsters also took control of ATMs, making them dispense cash at a pre-determined time. A gang member would be nearby to collect the wads.

Security company Kaspersky Lab has been working with INTERPOL and Europol to hone in on the cybergang.

“These bank heists were surprising because it made no difference to the criminals what software the banks were using.

"The attackers didn't even need to hack into the banks’ services: once they got into the network, they learned how to hide their malicious plot behind legitimate actions. It was a very slick and professional cyber-robbery,” said Sergey Golovanov, Principal Security Researcher at Kaspersky Lab.

The same gang has targeted 100 different banks, e-payment systems and other financial institutions since 2013. And the attacks are STILL happening.

Countries affected have included Russia, USA, Germany, China, UK, Romania, Norway, Switzerland, Ireland, Australia and Brazil.

Banks who are concerned about the attack should scan their systems for evidence of Carbanak malware.

Read More