Tuesday, February 17, 2015

"The World's Most Sophisticated Cyber Attack" - How Hackers Infiltrated The Banks & Stole Millions

 
Since late 2013, The NY Times reports, an unknown group of hackers has stolen $300 million, possibly as much as triple that amount, from banks across the world, with the majority of the victims in Russia. The attacks continue, all using roughly the same modus operandi...

Hackers send email containing a malware program called Carbanak to hundreds of bank employees, hoping to infect a bank’s administrative computer.

Programs installed by the malware record keystrokes and take screen shots of the bank’s computers, so that hackers can learn bank procedures. They also enable hackers to control the banks’ computers remotely.

By mimicking the bank procedures they have learned, hackers direct the banks’ computers to steal money in a variety of ways:

Source: Kaspersky Lab

As The NY Times reports,
In late 2013, an A.T.M. in Kiev started dispensing cash at seemingly random times of day. No one had put in a card or touched a button. Cameras showed that the piles of money had been swept up by customers who appeared lucky to be there at the right moment.

But when a Russian cybersecurity firm, Kaspersky Lab, was called to Ukraine to investigate, it discovered that the errant machine was the least of the bank’s problems.

The bank’s internal computers, used by employees who process daily transfers and conduct bookkeeping, had been penetrated by malware that allowed cybercriminals to record their every move. The malicious software lurked for months, sending back video feeds and images that told a criminal group — including Russians, Chinese and Europeans — how the bank conducted its daily routines, according to the investigators.

Then the group impersonated bank officers, not only turning on various cash machines, but also transferring millions of dollars from banks in Russia, Japan, Switzerland, the United States and the Netherlands into dummy accounts set up in other countries.

In a report to be published on Monday, and provided in advance to The New York Times, Kaspersky Lab says that the scope of this attack on more than 100 banks and other financial institutions in 30 nations could make it one of the largest bank thefts ever — and one conducted without the usual signs of robbery.

...

Kaspersky Lab says it has seen evidence of $300 million in theft through clients, and believes the total could be triple that.
No bank has come forward acknowledging the theft...
The silence around the investigation appears motivated in part by the reluctance of banks to concede that their systems were so easily penetrated, and in part by the fact that the attacks appear to be continuing.

The managing director of the Kaspersky North America office in Boston, Chris Doggett, argued that the “Carbanak cybergang,” named for the malware it deployed, represents an increase in the sophistication of cyberattacks on financial firms.

“This is likely the most sophisticated attack the world has seen to date in terms of the tactics and methods that cybercriminals have used to remain covert,” Mr. Doggett said.

...

Mr. Doggett likened most cyberthefts to “Bonnie and Clyde” operations, in which attackers break in, take whatever they can grab, and run. In this case, Mr. Doggett said, the heist was “much more ‘Ocean’s Eleven.’ ”

“We found that many banks only check the accounts every 10 hours or so,” Mr. Golovanov of Kaspersky Lab said. “So in the interim, you could change the numbers and transfer the money.”

*  *  *
Sun, 02/15/2015 - 20:24 | 5788516 Victory_Garden
Sun, 02/15/2015 - 20:47 | 5788587 wee-weed up
How do you think the ChiComs are paying for the massive expansion of their military?
(Which they will eventually use against us)
Sun, 02/15/2015 - 20:47 | 5788594 Master_Blaster
Our senior DBA just had a malware attack on Thursday.....think that's bad?
Sun, 02/15/2015 - 21:15 | 5788673 tarabel
Only if you're the employee who watches lots of porn on the company system.
Sun, 02/15/2015 - 23:11 | 5788948 NidStyles
Sounds more like someone is either sending a message to the bankers, or they are testing their ability to infiltrate the banking system.

Either way, they would have done us a larger favor had they simply started wiping out debts instead and erasing any trace of them.
Mon, 02/16/2015 - 03:01 | 5789210 Greyhat
It's just the NSA filling some black budget holes! :)
"Western Spy Agencies Secretly Rely on Hackers for Intel and Expertise"
https://firstlook.org/theintercept/2015/02/04/demonize-prosecute-hackers...
Mon, 02/16/2015 - 03:43 | 5789247 commander gruze?
Bitcoin users not affected.
Mon, 02/16/2015 - 10:02 | 5789827 funthea
That's because the cyber group knows that bitcoin is going much lower, and its future is to be on par with the infinite number of other alt coins. That is the only way bitcoin can survive. It's the only way the masses will start using it. Why spend $234 USD for a bitcoin when you can buy litecoin for $1.80 USD, or any other alt coin for that matter. Wake the fuck up! Stop grasping at straws. Take your loss and move on.
Mon, 02/16/2015 - 10:07 | 5789838 City_Of_Champyinz
lol bitcoin.  How much has the value of bitcoin plummeted in the last year again?
Mon, 02/16/2015 - 15:20 | 5791016 commander gruze?
If you think it's about the price you're not paying attention.
Sun, 02/15/2015 - 20:49 | 5788595 NoDebt
"Since late 2013"
"with the majority of the victims in Russia"
If that's not NSA or CIA I'll eat my hat.
 
Mon, 02/16/2015 - 07:27 | 5789409 Arnold
Just a passing thought, but I wouldn't discount Russia's new glasnost partner, those sneaky Chinese hordes.
(Or the Norks. Chuckle. Chuckle)
Sun, 02/15/2015 - 20:26 | 5788523 Skateboarder
Someone, stop those thieves! (no, not the 'hackers' - the guys who counterfeited the 'money' the 'hackers' stole)
Sun, 02/15/2015 - 20:37 | 5788562 A Nanny Moose
The State has more guns, and they are bigger.
Mon, 02/16/2015 - 00:46 | 5789095 ebworthen
Exactly.  These hackers didn't do anything different from what central banks the world over do; they added a zero (or two) to someone's account balance then transferred money to themselves.
The victim account holder might have had $10,000 in their account - the hackers made it $100,000, then transferred $90,000 to themselves in the blink of an eye, account holder still has $10,000.
No different than Ben Bernanke or Janet Yellen hitting Ctrl+P on the FED keyboard and the Treasury giving banks all the "money" they want at 0.5% so they can lend it out to the sheeple at 4.5%-29%.
Who are the more malicious thieves here, hackers giving themselves some cash or the .gov and bank/corporate interests working together to rob the public treasury while making citizens debt slaves?
Mon, 02/16/2015 - 02:21 | 5789192 NidStyles
Which is all the more reason I am just going to assume that it was the Fed that perpetrated the hack themselves, probably through a proxy to enable it as a justification for an end to the "net-neutrality", or a lockdown kill switch for the whole of the internet.

I expect to see more of these so called "hacks".
Mon, 02/16/2015 - 13:03 | 5790504 Eternal Complainer
Operation: chaos
Mon, 02/16/2015 - 21:16 | 5792477 Arius
well, one thing is for certain ... these are not small potatoes kind of things run from the garage

 
Sun, 02/15/2015 - 20:27 | 5788530 dufferin
'No one may take advantage of his own wrongdoing' bank is fraud so...
Sun, 02/15/2015 - 20:27 | 5788531 Osmium
Jon Corzine strikes again?
Mon, 02/16/2015 - 00:13 | 5789051 eatthebanksters
Only if they are segregated funds protected by law...
Sun, 02/15/2015 - 20:32 | 5788533 knukles
See, this is exactly the front end running that I've talked about with you people before that end runs encryption.
Like the simple commercial software available for parents to keep track of their kid's activities on line which will record every keystroke and screen of every site visited, it's simply downloaded onto the system in question and records the activity.
Later, the necessary information sought is retrieved and voila, y'all got entry into and command of said system
It end runs (both front and back) encryption.  Just as my acquaintance, the retired crypto analyst at the Uknowhoagency agreed to when offered the paradigm. 
So simple a caveman could do it
This is a no brainer.
If it in any way is connected to the ether-space, it is publicly available.  EOC QED
PS  Also tells you that we as individuals should always hand audit/balance our financial statements with any financial institution by hand.  Just like in the old days.  If ya' don't, activity like this takes place, you never ever know it.  That's your second best control over this kind of theft.  The first and best is not to have anything on line .... but your bank is already on line, so no absolute control other than personal eyeball check and balance
Sun, 02/15/2015 - 20:44 | 5788585 nmewn
"The first and best is not to have anything on line..."
Ayep.
Sun, 02/15/2015 - 20:47 | 5788593 cornfritter
say what you will sir, but this is going to require billions more dollars, and a good bit more legislation before it is never dealt with
Sun, 02/15/2015 - 21:22 | 5788693 booboo
Yep, another lettered Big Government agency will need to be created to handle this task. How about the Trade Reliance Intelligence Bureau and Execution or TRIBE for short?
Mon, 02/16/2015 - 09:09 | 5789662 tnquake
I suggest the new government entity be called SHIT for "SHeeple IT"
Mon, 02/16/2015 - 03:41 | 5789246 Exponere Mendaces
Funny how ex-banker Knukles knows how it all works, encryption and all - but still can't wrap his liver-spotted skull around Bitcoin.
Aww shucks grandpa, you're sooo smart.
LOL.
 
Sun, 02/15/2015 - 20:36 | 5788556 Bossman1967
The bankers paying themselves out and reporting it as a hack
Sun, 02/15/2015 - 20:39 | 5788566 A Nanny Moose
The first step in robbing a bank is buying it.
Sun, 02/15/2015 - 20:49 | 5788599 Thirtyseven
Yep, and probably a tax write off too.
Sun, 02/15/2015 - 20:51 | 5788604 Dragon HAwk
That will come later.. the old I've been robbed  they got 5k, when in fact the robber took 250.00.
 
Sun, 02/15/2015 - 21:04 | 5788643 HonkyShogun
If you want to rob a bank, buy a gun.
If you want to rob the world, buy a bank.
Sun, 02/15/2015 - 20:39 | 5788569 DaveA
Fortunately, government central banks can print more money to replace what was stolen. OTOH if a Bitcoin bank gets robbed, the depositors are SOL.
Sun, 02/15/2015 - 20:42 | 5788578 nmewn
It's not FDIBitC insured? ;-)
Sun, 02/15/2015 - 21:52 | 5788776 Bunga Bunga
The central bank does not replace stolen money. The banks simply rob the customers to get the stolen money back.
Sun, 02/15/2015 - 20:42 | 5788577 A Lunatic
My guess is this money is quietly being funneled into BlackOps projects. For the children of course........
Sun, 02/15/2015 - 20:44 | 5788583 brown_hornet
Don't worry. They just have to print to make up for the shortfall.
Sun, 02/15/2015 - 20:52 | 5788584 exartizo
are you kidding?
$300 million is NOTHING to the Banksters.
neither is a "paltry" billion here or there.
Now compromised trust in the banking system DOES mean something to them.
And it might possibly explain why so many banksters' heads have rolled of late.
Sun, 02/15/2015 - 20:45 | 5788589 Duc888
They stole zeros and ones, not wealth.  Any jack ass could just walk over to a terminal and replace the zeros and ones.
Sun, 02/15/2015 - 20:55 | 5788617 Atomizer
How does a hacker steal counterfeit money that has been quantitatively eased by the Federal Reserve under no asset backing? Buying MBS and bonds that hold future maturity to pay back a leveraged obligation. How does a hacker steal money created out of thin air?
Fuck you NSA, suck the smoke up your alert cybercrime ass. If you knew the people, the cable would have never hit the internet news. It would be Classified Intel. Fake stories to catch a phishing story. Stupid cunts trying to validate your budget.
Isn't your mission to predict a crime before it happens? Perhaps cutting your budget will make you more effective or defunct. Boo!

Sun, 02/15/2015 - 21:09 | 5788653 Who was that ma...
Note to self:  Sign up for that advanced computer class tomorrow.
Sun, 02/15/2015 - 21:11 | 5788657 Atomizer
01001110 01010011 01000001 00100000 01000011 01100001 01100010 01101100 01100101 00101110 00100000 01010111 01100101 00100000 01101100 01100001 01110101 01101110 01100011 01101000 01100101 01100100 00100000 01100001 00100000 01101100 01100101 01100001 01101011 00100000 01110100 01101111 00100000 01101111 01100011 01100011 01110101 01110010 00100000 01101111 01101110 00100000 01010011 01110101 01101110 01100100 01100001 01111001 00101110 00100000 01010111 01100101 00100000 01100100 01101111 01101110 00100111 01110100 00100000 01110111 01100001 01101110 01110100 00100000 01100101 01100111 01100111 00100000 01101111 01101110 00100000 01100110 01100001 01100011 01100101 00101110 00100000 01001000 01100101 01101100 01110000 00100000 01110101 01110011 00100000 01101111 01110101 01110100 00101110 00100000

Sun, 02/15/2015 - 21:32 | 5788727 billsbest
Can't agree with you: 110001100 110001100 110001100 110001100
110001100 110001100 110001100 110001100
See what I mean?
Sun, 02/15/2015 - 21:35 | 5788734 WmMcK
There are 10 kinds of people, those who understand binary and those who don't.
Sun, 02/15/2015 - 21:39 | 5788741 Clowns on Acid
You Sir - are a geek
Sun, 02/15/2015 - 21:51 | 5788773 WmMcK
There's no place like 127.0.0.1
Sun, 02/15/2015 - 22:28 | 5788873 are we there yet
Those are strong cuss words. Tone it down for the children here.
Mon, 02/16/2015 - 03:08 | 5789218 Bearwagon
01000001 01101100 01101100 00100000 01111001 01101111 01110101 01110010 00100000 01101101 01101111 01101110 01100101 01111001 00100000 01100001 01110010 01100101 00100000 01100010 01100101 01101100 01101111 01101110 01100111 00100000 01110100 01101111 00100000 01110101 01110011 00100001
Sun, 02/15/2015 - 21:12 | 5788661 Al Tinfoil
This bank theft is just the one we are being told about.  How many other instances of bank hacking are being concealed?
But don't worry, the info you have stored in the cloud is completely safe.  
Sun, 02/15/2015 - 21:30 | 5788721 billsbest
Where did Ebola go?
