This was discovered by the Russian anti-virus firm Kaspersky Lab on Monday a report on the operation will publish the cybercriminals, but part of all details with the New York Times reported. The Russian virus fighter came the criminals on the track when an ATM in Kiev randomly money bills issued without there was an ATM card in the machine plugged. Research showed that cyber criminals had infiltrated the internal banking network.
By sending infected e-mails, for example, a news item that appeared from a colleague who became infected by staff opened the bank computers. Through these computers knew the attackers to gain access to the systems that used the bank staff for daily transactions and accounting. Through the installed malware was then included the process of the bank employees.
This information used the criminals to pose as bank staff, where there are millions of banks in Russia, Japan, Switzerland and the United States was transferred to accounts in other countries. To include also the money the criminals ruled the ATMs of the bank, so that the expenses banknotes at a certain time. In addition, the money was transferred through online banking systems.
However, the largest amounts were stolen by hacking the accounting systems of the banks and temporarily change the account. For example, a bill of $ 1,000 to $ 10,000 raised, and $ 9,000 was transferred to another bank. The original account holder noticed nothing of this and the bank fraud after discovering some time. Many banks accounts were found to check every 10 hours. Within this time window, the criminals were able to change the accounts and transfer the money.
In total, were attacked according to Kaspersky Lab over a period of nearly two years, more than 100 banks in 30 countries.Which banks will want the anti-virus company can not say. Researchers from the virus fighter would have seen evidence that the gang $ 300 million has been captured and possibly even triple this. This estimate, however, would be impossible to prove because the criminals a limit of $ 10 million per transaction wielded.
Some banks, however, were repeatedly struck. The New York Times reports that most transactions were modest, probably in order not to let the warning systems of the banks go. "If going to the tactics and methods used by the cybercriminals to go unnoticed, this is probably the most sophisticated cyber attack that has taken place so far," said Chris Doggett of Kaspersky Lab.
Kaspersky Lab know that no Dutch bank or banks are affected there as previously reported, on which the article was adapted. In addition, would also no banks in Belgium and Luxembourg have been targeted. In the article by the New York Times, however, still always stated that money from one or more Dutch banks has been stolen. A survey of Kaspersky Lab shows that after Russia and the US banks in Germany, the Ukraine and China are most affected.
According to the virus fighter used the attackers emails with the attached "Carnabak-malware" and emails were also used with exploits. Or were these exploits of unknown leak or leaks which use an update was available is not yet published. However, the attackers would at banks have infected hundreds of computers to find the computer system, which then accesses the transaction systems were obtained.
Kaspersky Lab has also announced that the New York Times, the cooperation between the anti-virus company and the Dutch National High Tech Crime Unit (NHTCU) may have misinterpreted. The Russian virus fighter has information about the case is sent to the NHTCU. Further, the report will tomorrow during Kaspersky Security Analyst Summit (SAS) are presented, together with Peter Zinn of the NHTCU.
Possibly, the US newspaper based on this that Dutch banks have become victims. However, the Netherlands is in the report that tomorrow does not appear in the list of affected countries. Furthermore, Kaspersky Lab that it has no evidence that Dutch financial institutions have fallen victim.
No comments:
Post a Comment