The hackers used phishing schemes and other methods to infiltrate the banks’ systems and lie dormant gathering information about bank operations. They then steal funds by transferring money to fake accounts and dispensing cash from ATMs.
The communication was revealed through a report that Russian-based Kaspersky Lab is presenting today at a security conference in Cancun, Mexico.
“This is likely the most sophisticated attack the world has seen to date in terms of the tactics and methods that cybercriminals have used to remain covert,” the lab’s Chris Doggett told The New York Times, which first reported on the incident.
In one case, a bank lost $7.3 million through ATM fraud. In another case, a financial institution lost $10 million by the attackers exploiting its online banking platform.
Banks which have been hit most are in Russia, the U.S., Germany, China and Ukraine, although the attackers may be expanding throughout Asia, the Middle East, Africa and Europe, Kaspersky said.
The hackers seem to limit their theft to about $10 million before moving on to another bank, which may explain why the fraud went undetected so long, Kaspersky’s principal security researcher Vicente Diaz told The Associated Press.
Via: USA Today