On Sunday (2/16), Kaspersky reported they have discovered how hackers managed to steal close to $1 billion from banks all around the world over the course of two years. The hackers installed spying software, in the form of malware, on bank computers. They eventually learned how to mimic bank employee work practices and keystrokes. They then used their intel to make transfers into dummy bank accounts they created. In addition to transfers, the hackers used a few other methods in their elaborate heist.
One method was actually inflating account balances and withdrawing the difference. For example, if an account had $2,000 in it, the hackers would inflate the account balance to reflect $20,000 and withdraw $18,000 to return the account to its original balance. This method went virtually undetected.
Another method they used involved hacking into ATM machines. The hackers placed a bug in specific ATMs so that the machine would dispense cash at random, but specified times so that a conspirator could retrieve it.
According to Kaspersky, more than 100 banks were hit in 25 countries, including the United States. It is believed that the hackers stole between $2.5 million and $10 million from each bank. The report from the lab also noted that the “attacks remain active.”
Consumers can rest easier, as it seems these hackers were focused on stealing from the banks, rather than customers and their account information. “In this case they are not interested in information. They’re only interested in the money,” Kaspersky principal researcher Vicente Dias told the Associated Press. “They’re flexible and quite aggressive and use any tool they find useful for doing whatever they want to do.”