Security Advisor

Hackers Steal $45 Million from Thousands of ATMs


Federal prosecutors in New York filed charges against eight individuals who allegedly took part in a precise, worldwide attack on ATMs over a 24-hour period in February.

According to the unsealed indictment, those charged visited close to 3,000 ATMs in the New York City area and used information illegally obtained on five prepaid debit card accounts stolen from the Bank of Muscat in Oman and the National Bank of Ras Al-Khaimah PSC in the United Arab Emirates .

"In order to carry out the scheme, the hackers relied upon a trusted group of associates to disseminate the stolen financial information globally via the Internet to leaders of 'cashing crews' around the world," read the indictment. "The cashing crews consisted of individuals known as 'cashers' or 'cashiers.' The leader of these crews were responsible for planning, organizing and executing the cash outs in which the cashers conducted hundreds and in one case, thousands, of fraudulent transactions over a matter of hours via ATM withdrawals and fraudulent purchases using plastic cards encoded with stolen account information."

Every time the cashers would hit the ATM withdrawal limit of a particular machine, those on the computer side would then fraudulently replace the money on the account, allowing the runners to rewithdrawal it from another machine.

Authorities said that the New York crew's haul was estimated at $2.4 million and the worldwide total of this highly sophisticated cybercrime ring is said to be $45 million. Those running the scheme in Japan were able to grab $10 million due to the higher machine withdrawal limits in the country.

While worldwide law enforcement agencies have yet to give any more news on those responsible on the computer side of the operation, it is believed the man who was in charge of the New York cell was Lajud-Peña, who was discovered shot to death by two masked gunmen in the Dominican Republic on April 27.

So far, besides the unsealed indictment, very little is known on this incident. However, due to the massive scope of this cybercrime in both money and manpower, I'm expecting we'll be hearing new details on this incident as they unfold for quite some time.

"This was indeed the largest theft of this type that we have yet seen," said Loretta Lynch, the U.S. Attorney in Brooklyn, N.Y., during an announcement following the arrest of the eight individuals. "This was a 21st century bank heist that reached through the Internet to span the globe. But, instead of guns and masks, this cybercrime organization used laptops and malware."

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.


comments powered by Disqus

Subscribe on YouTube