Kaspersky Lab, a Russian security company, is reporting that an international group of hackers has stolen up to $1 billion from over 100 banks in 30 countries since 2013.
According to the Associated Press, the hackers gain access into bank computers via malware. The hackers then observe the banks' systems for months via the malicious software.
The criminals program ATM machines to spit out cash (without any bank cards being inserted) and set up fake bank accounts in countries outside the victim banks. Millions of dollars are then transferred to those bank accounts.
Banks have been hit in Russia, Eastern Europe, Asia and the U.S., but no specific banks have been named.
The New York Times reports that the hackers begin by addressing emails to hundreds of bank employees. The emails include a malware program (Carbanak). If one employee opens the mail and clicks it, the malware is launched.
The malware takes screenshots of the bank computers and records the bank employees' keystrokes, and ends the info back to the hackers.
“This is likely the most sophisticated attack the world has seen to date in terms of the tactics and methods that cybercriminals have used to remain covert,” Chris Doggett, of the Kaspersky North America office in Boston, told the New York Times.
Sources: The New York Times, Associated Press
Image Credit: Allan Dwan Productions / Associated Producers, Inc.