As reported by Kaspersky Lab, the Russian computer security company, around 100 banks and many other financial institutions have been attacked by a gang of cybercriminals. An estimated $1 bn has been stolen in the attack so far. It is important to note that this attack began in 2013 and is still active!
The ongoing cybercrime came to light after an investigation was initiated by Kaspersky Lab along with other crime centers, including Interpol and Europol. The Carbanak gang, as named by Kaspersky, includes criminals from Europe, including Russia and Ukraine, and China.
How was the crime committed?
This is the most intriguing part of this cybercrime. Instead of using illegitimate identities to withdraw money, the criminals went a step further and took an unusual approach: committing the robbery directly from the banks. Here’s how the cyber robbery worth $1bn was committed:
- At first, using illegal software, the hackers managed to infiltrate the bank’s internal computer systems.
- Thereafter, they infected the bank’s internal computing system with malware that resided in its network for months.
- As the bank’s network became vulnerable, the hackers then collected information and forwarded it to their gangs to carry out the other nefarious acts as planned.
- Once they were ready to strike, they also succeeded in impersonating the bank staff online to transfer millions of pounds into their fake accounts.
- They even succeeded in instructing the cash machines to dispense money at random times of the day, without even using a bank card.
Sounds like something lifted straight from a Hollywood flick? Well, it’s perhaps deadlier than that!
Worst of all, no matter what software these banks used, it was not going to be able to stop the plans of these cybercriminals, who are still directly infecting the network.
Speaking about the complexity of the threat, Sergey Golovanov of Kaspersky Lab said, “These bank heists were surprising because it made no difference to the criminals what software the banks were using. So even if its software is unique, a bank cannot get complacent. The attackers didn’t even need to hack into the banks’ services. Once they got into the network, they learned how to hide their malicious plot behind legitimate actions. It was a very slick and professional cyber-robbery.”
Even after the exact plot of the Carbanak gang's crime has been identified, banks are still at risk: once installed, the malware can start operating independently, which makes it far more difficult to identify.
Possibilities opened up by the resident malware
Once installed, malware can be more dangerous than imagined. Here are the possibilities that could arise if the already resident malware is not detected and removed in time:
- Cybercriminals can easily gain entry into an employee’s system through a process called spear phishing, in which an e-mail is disguised to look as though it was sent from a legitimate source.
- Once the victim opens the e-mail message, the malware would infect their system, allowing the hackers to access their bank’s network.
- The criminals would also gain access to the administrator’s system, through which information like video surveillance of the office premises can easily be acquired.
Notably, Kaspersky Lab was approached to investigate the matter after a cash machine in Ukraine was found dispensing money at random times without the use of any bank card.
The growing popularity of the Internet has caused the business of online criminals to boom. Initially, cybercrime was committed by individuals or small groups, but today it has become a business for many big names. In fact, many criminal organizations are working hand-in-hand with tech professionals to commit cybercrime. The modes of committing crime may have changed, but the aim remains the same: monetary gain and the easy acquisition of funds for carrying out other illegal activities.