Cybercriminals Pocketed Up To $1 Billion by Impersonating Bank Officers
Financial Services
Hackers wriggled spyware into bank computers to observe how employees ran the business, so they could make their fraudulent transactions look like normal operations.
The malicious software recorded every move of employees who process daily transfers and conduct bookkeeping. For months, the malware sent back video feeds and images to the criminal group, which comprised Russians, Chinese and Europeans.
Without detection, the crooks turned on various cash machines, and transferred millions of dollars from banks in Russia, Japan, Switzerland, the United States and the Netherlands into dummy accounts set up in other countries.
To insert the spyware, the hackers first sent an infected email to hundreds of bank employees as bait.
Once an employee clicked on the email, the malware installed programs that can record keystrokes and take screen shots of the bank’s computers.
This intelligence helped the hackers “to get into the internal network and track down administrators' computers for video surveillance,” Reuters reports.
By imitating bank officers, hackers then directed bank computers to steal money in several ways: Transferring money into hackers’ fraudulent bank accounts; Using e-payment systems to send money to fraudulent accounts overseas; Directing ATMs to dispense money at set times and locations.
“The goal was to mimic their activities,” said Sergey Golovanov, who researched these incidents for Kaspersky Lab. “That way, everything would look like a normal, everyday transaction.”
The largest sums were stolen by hacking into a bank’s accounting systems and briefly manipulating account balances.
“Using the access gained by impersonating the banking officers, the criminals first would inflate a balance — for example, an account with $1,000 would be altered to show $10,000. Then $9,000 would be transferred outside the bank. The actual account holder would not suspect a problem, and it would take the bank some time to figure out what had happened,” the New York Times reports.
NEXT STORY: Twitter Account of Twitter CFO Hacked