Banking Alert: Global Hackers Steal $45 Million From ATMS
May 11, 2013
Brooklyn US Attorney Loretta Lynch is involved in prosecuting a gang of cyber criminals for hacking into databases of pre-paid debit cards and using them to extract $45 million out of ATMs. Lynch stated that several of the mend arrested in connect with this crime were originally from the Dominican Republic.
In the cyber world, this attack was known as “Unlimited Operations”.
The Department of Justice (DoJ) and law enforcement in Germany, Japan, Canada, Romania and 12 other countries were involved in this investigation.
Lynch said: “The defendants and their co-conspirators participated in a massive 21st century bank heist that reached across the Internet and stretched around the globe. In the place of guns and masks, this cybercrime organization used laptops and the Internet. Moving as swiftly as data over the Internet, the organization worked its way from the computer systems of international corporations to the streets of New York City, with the defendants fanning out across Manhattan to steal millions of dollars from hundreds of A.T.M.’s in a matter of hours.”
Twenty-seven countries were affected by this scheme.
Seven individuals have been apprehended in the US while others across the globe are being arrested in connection with this heist.
Authorities say that by using bogus magnetic swipe MasterCard debit cards at ATMs, this cell of thieves withdrew $2.8 million in cash from those hacked accounts in one day. Prosecutors revealed that 2,904 withdrawals resulted in nearly $3 million being stolen.
MasterCard stated that they cooperated with law enforcement investigations; yet detailed how their systems were not affected by these attacks. The Secret Service was contacted by MasterCard after the suspicious activity was performed.
Robert Rodriquez, former agent with the Secret Service and current chairman of the Security Innovation Network (SIN) explained that this was an “old crime”.
Rodriquez said: “The difference today is that the dynamics of the Internet and cyberspace are so fast that we have a hard time staying ahead of the adversary.”
Surveillance cameras at ATMs have caught the image of most of the thieves as they filled backpacks with cash in Manhattan.
Lynch asserts that the cash would be laundered and sent overseas to the ring leader.
Expensive purchases were made in cash to hide the money stolen; such as luxury cars, expensive watches. Prosecutors seized Rolex watches, a Mercedes G63 AMG and a Porsche Panamera.
Internationally, prosecutors say that the National Bank of Ras al-Khaimah PSC (Rakbank) located in the United Arab Emirates and the Bank of Muscat in Oman were attacked into by a virtual criminal flash mob that eliminated withdrawal limits from ATMS and drained accounts.
Authorities say that $40 million was syphoned out in recent attacks which can be added to the $5 million that was stolen last December.
This information was passed to “cashers” or “cashing crews” that were dispatched simultaneously to withdraw funds from ATMs in cities across the world.
Rose Romero, a former federal prosecutor and regional director for the U.S. Securities and Exchange Commission (SEC), said : “Unfortunately these types of cybercrimes involving ATMs, where you’ve got a flash mob going out across the globe, are becoming more and more common.”
Romero expects that more of these types of crime will surface.
Ken Pickering, member of the intelligence firm CORE Security, explained that “once you see a large attack like this, that they made off with $45 million, that’s going to wake up the cybercrime community.”
In 2009, the Royal Bank of Scotland was targeted in a pre-paid scam wherein $9 million was taken in less than 12 hours from ATMs.
Bill Stewart, senior vice president at Booz Allen believes that these hackers displayed sophistication in their utilization of ATMs and cybercrime being carried out on such as vast scale.
Stewart said: “The run of the mill criminals are more common [in cybercrime] than you think. There are still many institutions these days are not practicing good security hygiene. So these kinds of attacks work.”