Cybercrime syndicate infiltrated over 100 financial institutions in 40 countries hacking banks and ATMs via malware.
For the past five years, the gang of hackers known as Carbanak has been targeting banks around the world, stealing well over $1 billion in total.
Europol, the pan European police agency have said they’ve apprehended the brain behind the the thefts after a lengthy investigation.
Arrested in Alicante, a popular holiday destination in Spain, the leader of the digital crime gang is allegedly responsible for creating and deploying the Carbanak and Cobalt malware that targeted over 100 financial institutions worldwide.
The investigation was a joint operation conducted jointly between several police forces and law enforcement agencies including the Spanish police (perhaps somewhat obviously), Europol, FBI, the Romanian, Moldovan, Belarussian and Taiwanese authorities and a multitude of privately owned cyber security companies.
“The arrest of the key figure in this crime group illustrates that cyber-criminals can no longer hide behind perceived international anonymity,” said Steven Wilson, head of Europol’s Cyber-Crime Centre. “The arrest of the key figure in this crime group illustrates that cyber-criminals can no longer hide behind perceived international anonymity. This is another example where the close cooperation between law enforcement agencies on a worldwide scale and trusted private sector partners is having a major impact on top level cybercriminality.”
The cybercrime gang have been in operation since 2013 and have hacked banks, ATMs, e-payment systems and various other financial institutions using ingenious pieces of malware they designed themselves, known as Carbanak and Cobalt. Despite the sophistication of the malware used however, a large part of what allowed them to infiltrate the institutions they would later rob, was gained through ‘spear phising’ attempts specifically targeted at employees in order to get them to divulge confidential information.
In conjunction with this knowledge, the thieves then siphoned off cash either through bank transfers and e-payments, or was dispensed automatically through cash machines.
The thieves are alleged to have stolen over $1 billion in the five years they were operating. The Cobalt malware meant that $10 million was stolen in one heist.