Banks hit with $1 billion cyber heist - Thehill

A worldwide cyber crime ring has slowly, and without detection, spent the last two years stealing an estimated billion dollars from financial firms in 30 countries, including the U.S., China, Russia and Germany.

And they’re still going, spreading to Asia, the Middle East and Africa, said a new report from security firm Kaspersky.

“It was a very slick and professional cyber robbery,” Sergey Golovanov, Kaspersky Lab's principal security researcher, told the BBC.

Authorities in the U.S. and Europe have said they’re investigating, but if the numbers are accurate, it would likely be the biggest bank cyber heist.

According to the Moscow-based Kaspersky, the hackers — consisting of Russians, Chinese and Europeans — filled their coffers by infiltrating the banks themselves, instead of the more established strategy of infiltrating individual bank accounts.

The digital crime ring broke into banks’ systems using so-called “spear phishing attacks,” essentially fake emails posing as legitimate banking communications. These emails had Microsoft Word documents attached to them, which, when opened, downloaded malicious software onto bankers computers. The hackers were in.

For months, the cyber crime ring used its access to assiduously record banks’ actions. They took video recordings of bank employees, focusing on system administrators, learning their daily operations.

Armed with enough details, the hackers started impersonating bank officers, transferring money directly from the banks into their own fake accounts, or opening up fraudulent payment cards. They would also remotely activate ATMs, sending “money mules” to collect the cash.

A suspiciously active ATM actually turned Kaspersky on to the scheme. A Ukrainian bank brought the security research firm in to help explain why one of its ATMs was turning on at random times during the day, occasionally dispensing money to no one.

“Of the 100 banking entities impacted at the time of writing this report, at least half have suffered financial losses,” said the report. “The magnitude of the losses is significant.”  Read More at Banks hit with $1 billion cyber heist

• Bank hackers find haven in Putin’s Russia