Budget airline Ryanair has revealed it has been hit by a cyber-attack which saw $5 million (£3.3m) stolen from the company’s corporate account.
The funds were removed from a Ryanair account last week by electronic transfer via a Chinese bank, according to The Irish Times.
However, the company is none the wiser as to how the hacking scam was operated or who was behind it.
“Ryanair confirms that it has investigated a fraudulent electronic transfer via a Chinese bank last week,” the airline said in a statement on Tuesday night.
“The airline has been working with its banks and the relevant authorities and understands that the funds – less than $5 million – have now been frozen.
“The airline expects these funds to be repaid shortly, and has taken steps to ensure that this type of transfer cannot recur.”
The company uses dollars to pay for airline fuel for its 400-plus Boeing 737-800 aircraft, rather than Ireland’s currency, the Euro.
The scam seems to use a similar tactic to the ‘Dyre Wolf’ scheme uncovered by IBM researchers earlier this month, which has apparently netted the criminals more than $1 billion (£674m) from American companies.
The scheme sees criminals sending out spam emails with unsafe attachments containing the Dyre malware, which seeks to get access to as many corporate computers as possible.
“Once the infected victim tries to log in to one of the hundreds of bank websites for which Dyre is programmed to monitor, a new screen will appear instead of the corporate banking site,” said IBM. “The page will explain the site is experiencing issues and that the victim should call the number provided to get help logging in.”
The trick makes use of “advanced social engineering techniques”, with a live telephone operator then speaking to the victim when they call the number, pretending to be from a real bank, who then try and obtain the corporate banking details. Once they gain that vital information, they begin making wire transfers out of the victim’s bank account.
Are you a security pro? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…