Hundreds Of Millions Stolen After Wave Of Transfer-Heists Rock Mexican Banks

Lorenza Martinez, director of the Payment System of the Bank of Mexico, informed Reuters in a telephone interview last week that more than five Mexican financial institutions have recently observed “unauthorized transfers,” resulting in hundreds of millions of pesos stolen.

Cybercriminals siphoned 400 million of pesos ($20.4 million) out of Mexican banks, including the second largest bank: Grupo Financiero Banorte, by generating “phantom orders that wired funds to fake accounts and promptly withdrew the money,” sources close to the government’s investigation told Reuters. Sources explained how cybercriminals “sent hundreds of false orders to move amounts ranging from tens of thousands to hundreds of thousands of pesos from banks including Banorte, to fake accounts in other banks.” Once the funds landed in the fraudulent accounts, accomplices would then go to local branch offices around the country and drain the accounts.

Daily newspaper El Financiero said that these cybercriminals stole around 160 million pesos ($8.2 million) from Banco del Bajio and approximately 150 million pesos ($7.7 million) from Banorte. The remaining amount was spread across smaller financial institutions.

Hackers would have stolen 400 million pesos after the cyber attack in April. (Source: El Financiero)

Inter-bank orders declined in late April, as well as the lack of transparency on the part of financial regulators, which has stoked concerns that Latin America’s second-biggest economy fell victim to cyber attacks that have been disrupting Central Banks and financial institutions around the world.

“The authorities claim that in this cyber attack the SPEI was not violated, but that the “hacking” was through the system that the banks have with suppliers to connect with the SPEI.

One involved in the investigations ensures that it is not yet known exactly how the criminals operated, so there is no exact data yet of the amount stolen, information considered, it will be difficult for it to be revealed by those affected or by the authorities of the financial sector.

Market participants consider that the accounts in which the money was dispersed are located within the country, since in international transfers there are more alerts within the same institutions,” said El Financiero.

Another source told Reuters that these cybercriminals might have had inside assistance to complete such transactions. “In terms of the security of the bank’s offices, I think that is part of the analysis that each bank is doing,” Martinez said.

He also added that the SPEI interbank transfer system was not compromised, but third-party software connected to the payment network might have been. SPEI is comparable to the SWIFT’s messaging services used by more than 11,000 financial institutions in more than 200 countries.

El Financiero indicates that three years ago, at least three financial institutions in Mexico were victims of severe cyber attacks.

“Three years ago at least three banks in Mexico were victims of a “hack”, since the criminals detected a “vulnerability” within a part of their computer systems.

After entering a code in their systems, they proceeded to register third parties, “sowed” accounts in SPEI and made transactions for amounts similar to accounts in other open banks with the same name as the account holder. The money was then withdrawn early in the window by those customers. On that occasion, the affectation did not exceed 50 million pesos.”

El Financiero provides information with Bloomberg data showing Cybercrime is on the rise.

However, the location of where the cyber attack originated from is still unknown, it would not shock us if Mexican drug cartels are now diversifying their operations into cybercriminal units attacking Mexican financial institutions.


Bitchface-KILLAH skbull44 Mon, 05/14/2018 - 19:01 Permalink

Bitcoin is much safer...

I've been binging hard, frothing at the mouth and heavy breathing about crypto for the past 7 years.  In that time I have had no Bitcoin or crypto stolen.  And in that same time, my PayPal was hacked once, my debit card was shut down twice for "suspicious activity" and someone tried to apply for a credit card in my name.

In reply to by skbull44

ATM Bitchface-KILLAH Mon, 05/14/2018 - 19:32 Permalink

Give it time Bitchface, give it time. 

That your Bitcoin haven't been stolen yet doesn't mean that they will not. I would place the odds of them being stolen at some point in the future at nearly 100%. Hopefully at that time you will not own them any longer and will have passed them off to some other piker.

In reply to by Bitchface-KILLAH

stacking12321 takeaction Mon, 05/14/2018 - 18:41 Permalink

Once the funds landed in the fraudulent accounts, accomplices would then go to local branch offices around the country and drain the accounts.

i'd be interested in hearing more detail on how they accomplished that.

getting cash from a bank is normally like pulling teeth.

chase just shut down my company account because i've been pulling out tons of cash - nothing illegal about doing that, but they like to keep the sheeple on the reservation.

In reply to by takeaction

Whoa Dammit stacking12321 Mon, 05/14/2018 - 19:59 Permalink

@Stacking-- Mexican bank employees don't want to wind up looking like this by crossing the cartels--Don't open this link if you plan on eating diner anytime soon, as it is very graphic.…

Nothing happens in Mexico without the cartels being in on it. 16 people were killed in 12 hours including a mayoral candidate, 2 police officers and a police commander over pipeline siphoning. What do you think they would do to a bank employee that wouldn't hand over the hacked cash?…

In reply to by stacking12321

snblitz stacking12321 Mon, 05/14/2018 - 23:26 Permalink

I can get cash from my own bank pretty easily, but getting cash from other banks is nearly impossible.

In many states of the US banks are required to exchange checks drawn on the issuing bank (the branch that the account was held at) for cash on demand.   So far as I know this is still the case, but lots of banks refuse to honor such demands as I have personally experienced.

In reply to by stacking12321

Karl Marxist Aliens-R-Us Mon, 05/14/2018 - 19:10 Permalink

Money wasn't stolen. It didn't exist in the first place. So, MexBank A, lacking funds or not paying kickbacks has to rob MexBank B of their non-existent funds. It's a computer game. Unfortunately, because it's fiat, there's no real accounting and Mexico's central bank will just print more to prop up the balance sheet.

That's my opinion. I'm Pablo Escobar...

In reply to by Aliens-R-Us

whosyerdaddy Mon, 05/14/2018 - 18:35 Permalink

"One lawyer can steal more than a thousand men with guns". Der Gottvater, I am tempted to say one hacker can steal more than a thousand lawyers but that can't be right........

Pascal1967 Mon, 05/14/2018 - 19:02 Permalink

Oh no!  Hundreds of millions of pesos gone! 

Reminds me of the truckload of Ramen noodles that was destroyed ... tens of dollars in product were lost.