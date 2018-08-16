Hackers Steal $13 Million From Bank ATMs In 28 Countries

by Tyler Durden
Thu, 08/16/2018 - 15:27

Authored by Joseph Jankowki via PlanetFreeWill.com,

Just days after an FBI warning of the prospect of a worldwide mass hacking plot  that could have millions withdrawn from bank accounts, Hackers managed to steal $13 million from ATMs across 28 countries. 

The cybercriminals infected cash machines of India based Cosmos Bank with malware, which allowed them to approve transactions and access client accounts, reports Yahoo News. Fake credit cards were used to drain the cash from the machines.

In a confidential alert issued last Friday, the FBI had warned American banks of an imminent “cashout” attack on cashpoints around the globe.

The agency was concerned of a highly choreographed fraud scheme known as an ATM “jackpotting,” essentially describing exactly what had happened to the ATMs of Cosmos Bank.

Roughly 12,000 transactions were made during the hack attack between 11 August and 13 August, according to Cosmos Bank chairman Milind Kale.

“In two days, hackers withdrew a total 780 million rupees ($11.1m) from various ATMs in 28 countries, including Canada, Hong Kong and a few ATMs in India, and another 25 million rupees ($356,000) were taken out within India,” he said.

The hacks continued into Monday with the attackers transferring 139.2 million rupees ($2m) to a Hong Kong-based bank by using the Bank’s compromised SWIFT international payments system.

Cosmos Bank said in a statement to Reuters that, “During the malware attack, a proxy switch was created and all the fraudulent payment approvals were passed by the proxy switching system.”

While it isn’t totally clear who was behind the hacks, some media outlets are questioning it was the North Korean linked Lazarus group who reportedly tried to transfer some $81 million from the central bank of Bangladesh.

Since the attack, Cosmos has told account holders that their money is safe and a professional forensic agency has been hired to investigate the attack.

Tags
Business Finance
Banks - NEC
Commercial Banks
Search Engines

Comments

Vote up!
 1
Vote down!
 0
Greendawg Coinista Thu, 08/16/2018 - 15:50 Permalink

Somebody should dox this low life criminal faggot  i would love to break his fingers and toes one by one until he gave his shitcoin up so i could give every last bit of it away to people like the ones who dox him :D  Like i really would like to break his fingers and toes one by one just for the pleasure of hearing his screams of agony i could give a fuck about his digital ledger scam i just enjoy watching trash like this suffer immensly.

Vote up!
 1
Vote down!
 3
stellastella149 Greendawg Thu, 08/16/2018 - 15:55 Permalink

 

Google is paying 97$ per hour,with weekly payouts.You can also avail this.On tuesday I got a
brand new Land Rover Range Rover from having earned $11752 this last four weeks..with-out any
doubt it's the most-comfortable job I have ever done .. It Sounds unbelievable but you wont
forgive yourself if you don’t check it

✫Good Luck✫ http://www.todaysfox.com

Vote up!
 8
Vote down!
 0
bowie28 OCnStiggs Thu, 08/16/2018 - 15:36 Permalink

Right.  They are sophisticated enough to know days in advance this was going to happen but powerless to prevent it?

And now it is conveniently blamed on a group that is "North Korea Linked".

So the anonymous sources claiming Kim is secretly building nukes and playing Trump for a fool didn't work.  On to the next tactic to derail peace talks...

 

Vote up!
 2
Vote down!
 0
Nunyadambizness Thu, 08/16/2018 - 15:32 Permalink

No worries, everything's just fine with your money.  It will all be returned poste haste and everything will be fine...

Why am I reminded of Kevin Bacon yelling "ALL IS WELL!!" "ALL IS WELL!!'  ??

Vote up!
 3
Vote down!
 0
BritBob Thu, 08/16/2018 - 15:32 Permalink

At least it wasn't taken from internet banking accounts (the banks would try and blame individual account holders). So the loss falls on the banks and not individual customers. Tut tut .

Vote up!
 1
Vote down!
 0
opsyn Thu, 08/16/2018 - 15:36 Permalink

I fucking love this shit. Here's 1 billion dollar heist, unfortunately they got caught but think BIG. Old-school robbers would be jealous because that amount of bills would weigh ~10 000 kg / 22 000 pounds.

 

 

The leader of the crime gang behind the Carbanak and Cobalt malware attacks that targeted more than 100 financial institutions worldwide and stole more than €1 billion from banks, e-payment systems and financial institutions in more than 40 countries has been arrested in Alicante, Spain.

In a press release today, Europol said the arrest followed a complex investigation conducted by the Spanish National Police, with the support of Europol; the U.S. FBI; the Romanian, Belarussian and Taiwanese authorities; and private cybersecurity companies.

In 2013 the gang launched the Anunak malware campaign that targeted financial transfers and ATM networks of financial institutions around the world. A year later it had been improved, and as Carbanak, it was used in until 2016. Then an even more sophisticated wave of attacks was launched using tailor-made malware based on the Cobalt Strike penetration testing software. Cobalt malware alone was responsible for thefts of up to € 10 million per heist.

In each of the attacks the criminals would spearphish bank employees with a n email containing a malicious attachment impersonating legitimate companies. Once downloaded, the malware allowed the criminals to remotely control the victims' infected machines, giving them access to the internal banking network and infecting the servers controlling the ATMs. This provided them with the knowledge they needed to cash out the money.

Cashing

The money was cashed out in various ways:

  • ATMs were instructed remotely to dispense cash at a pre-determined time, with the money being collected by organised crime groups supporting the main crime syndicate: when the payment was due, one of the gang members was waiting beside the machine to collect the money being ‘voluntarily' spit out by the ATM;
  • The e-payment network was used to transfer money out of the organisation and into criminal accounts;
  • Databases with account information were modified so bank accounts balance would be inflated, with money mules then being used to collect the money.

The criminal profits were also laundered via cryptocurrencies using prepaid cards linked to the cryptocurrency wallets which were used to buy goods such as luxury cars and houses.

International police cooperation coordinated by Europol and the Joint Cybercrime Action Taskforce is reported to have been central in bringing the perpetrators to justice, with the mastermind, coders, mule networks, money launderers and victims all located in different geographical locations around the world.

Vote up!
 1
Vote down!
 0
Herdee Thu, 08/16/2018 - 15:56 Permalink

Just wait till all the ATM's go down and nobody can access their credit cards or bank accounts and the banks put that little sign up on the doors -

"sorry we're closed", then on the Friday evening news you hear "It's a bank holiday until Monday, The President will be speaking on Saturday", Something called a "Bail-In is taking place" someone says, "What the fuck is that?"

Vote up!
 0
Vote down!
 0
dot_bust Thu, 08/16/2018 - 16:03 Permalink

Can anyone say, "Inside job?"

I never believe the official explanations of events regarding
so-called hacking.

In alleged hacking cases of big companies like Target and Experian, I'd have to say that the so-called hacker is simply someone who works in or has access to the company's network operations center.

That person probably has administrative access to the servers and can simply attach an external high-capacity hard drive to the servers to siphon off data or plant malware.