A newly uncovered wave of online attacks targeting banks has led to an estimated $100 million (£76m) in losses, according to researchers.
Organised criminals are likely to be behind the incidents, computer security firm Trustwave said in a study published on Tuesday.
The series of related heists involved the use of ‘mules’ who opened accounts at banks in Eastern Europe and former Soviet countries using forged documents.
Meanwhile, hackers obtained access to the networks of the banks and the third-party processors who handled the banks’ debit card transactions.
They logged users’ keystrokes until they obtained the login credentials for the restricted systems used to manipulate risk scores and overdraft limits.
The hackers used those credentials to lower risk ratings and increase overdraft limits from $0 to between $25,000 and $35,000, Trustwave said.
Then a number of ‘mules’ would simultaneously make cash withdrawals from a number of the fraudulent accounts, all using machines in countries other than the one where the bank was located and the account had been opened.
Once the cash was obtained, the hackers rendered the systems they had used unbootable so as to thwart investigators, according to Trustwave.
“This incredibly well-orchestrated operation demonstrates the patience and sophistication of organised cybercrime groups,” the group stated. “They coordinated efforts between physical teams, who opened bank accounts to be used in the heists, and online criminals, who hijacked and manipulated bank and processor networks.”
On average, $5m was stolen in each incident, with individual scams netting from £3m to £10m.
In some cases the banks weren’t aware of the heist until well after it had taken place. In a few cases the issue remained unnoticed until it was brought to the bank’s attention by a third-party card processing company.
In each case, the funds were stolen using legitimate cards issued by the bank.
The firm said the attacks showed a new level of sophistication and were likely to spread outside the region where they originated.
The security weaknesses the thieves exploited, including the lack of network segmentation that allowed hackers to move from banks’ networks to those of third-party card processing companies, are widespread internationally in banking, Trustwave said.
Vulnerability to phishing emails is also a problem across the international financial sector, according to the firm.
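The pattern Trustwave describes, an overdraft limit raised from $0 to $25,000 or more followed by near-simultaneous withdrawals abroad on several such accounts, can be expressed as a monitoring rule. The following is an added example, not taken from Trustwave's study or the original article; the event fields, thresholds, time windows and sample data are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample events; field names are assumptions, not a real bank or processor schema.
EVENTS = [
    {"ts": "2017-03-01T09:00:00", "type": "limit_change", "account": "A1", "old": 0, "new": 30000},
    {"ts": "2017-03-01T09:05:00", "type": "limit_change", "account": "A2", "old": 0, "new": 25000},
    {"ts": "2017-03-01T09:10:00", "type": "limit_change", "account": "A3", "old": 500, "new": 800},
    {"ts": "2017-03-02T22:00:00", "type": "atm_withdrawal", "account": "A1", "home": "XA", "atm": "XB", "amount": 2000},
    {"ts": "2017-03-02T22:03:00", "type": "atm_withdrawal", "account": "A2", "home": "XA", "atm": "XC", "amount": 2500},
    {"ts": "2017-03-02T22:04:00", "type": "atm_withdrawal", "account": "A3", "home": "XA", "atm": "XA", "amount": 100},
    {"ts": "2017-03-02T22:06:00", "type": "atm_withdrawal", "account": "A1", "home": "XA", "atm": "XB", "amount": 2000},
]

def raised_accounts(events, min_new=25000):
    """Map each account whose overdraft limit went from 0 to >= min_new to the change time."""
    return {e["account"]: datetime.fromisoformat(e["ts"])
            for e in events
            if e["type"] == "limit_change" and e["old"] == 0 and e["new"] >= min_new}

def suspicious_withdrawals(events, lookback=timedelta(days=7)):
    """Foreign ATM withdrawals on accounts whose limit was raised from 0 shortly before."""
    raised = raised_accounts(events)
    hits = []
    for e in events:
        if e["type"] != "atm_withdrawal" or e["account"] not in raised:
            continue
        ts = datetime.fromisoformat(e["ts"])
        changed = raised[e["account"]]
        if e["atm"] != e["home"] and changed <= ts <= changed + lookback:
            hits.append(e)
    return hits

def coordinated_bursts(events, window=timedelta(minutes=15), min_accounts=2):
    """Group suspicious withdrawals into time windows that span several accounts."""
    hits = sorted(suspicious_withdrawals(events), key=lambda e: e["ts"])
    bursts, i = [], 0
    while i < len(hits):
        start = datetime.fromisoformat(hits[i]["ts"])
        group = [e for e in hits[i:] if datetime.fromisoformat(e["ts"]) - start <= window]
        accounts = sorted({e["account"] for e in group})
        if len(accounts) >= min_accounts:
            bursts.append({"start": hits[i]["ts"], "accounts": accounts,
                           "total": sum(e["amount"] for e in group)})
        i += len(group)  # hits are sorted, so group is a contiguous run starting at i
    return bursts

if __name__ == "__main__":
    print(coordinated_bursts(EVENTS))
```

Alerting on the limit change itself, before any withdrawal, gives the earliest signal; the burst check covers the case where that first alert is missed.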