Security Advisor

Hackers Steal $45 Million from Thousands of ATMs


Federal prosecutors in New York filed charges against eight individuals who allegedly took part in a precise, worldwide attack on ATMs over a 24-hour period in February.

According to the unsealed indictment, those charged visited close to 3,000 ATMs in the New York City area and used information illegally obtained on five prepaid debit card accounts stolen from the Bank of Muscat in Oman and the National Bank of Ras Al-Khaimah PSC in the United Arab Emirates .

"In order to carry out the scheme, the hackers relied upon a trusted group of associates to disseminate the stolen financial information globally via the Internet to leaders of 'cashing crews' around the world," read the indictment. "The cashing crews consisted of individuals known as 'cashers' or 'cashiers.' The leader of these crews were responsible for planning, organizing and executing the cash outs in which the cashers conducted hundreds and in one case, thousands, of fraudulent transactions over a matter of hours via ATM withdrawals and fraudulent purchases using plastic cards encoded with stolen account information."

Every time the cashers would hit the ATM withdrawal limit of a particular machine, those on the computer side would then fraudulently replace the money on the account, allowing the runners to rewithdrawal it from another machine.

Authorities said that the New York crew's haul was estimated at $2.4 million and the worldwide total of this highly sophisticated cybercrime ring is said to be $45 million. Those running the scheme in Japan were able to grab $10 million due to the higher machine withdrawal limits in the country.

While worldwide law enforcement agencies have yet to give any more news on those responsible on the computer side of the operation, it is believed the man who was in charge of the New York cell was Lajud-Peña, who was discovered shot to death by two masked gunmen in the Dominican Republic on April 27.

So far, besides the unsealed indictment, very little is known on this incident. However, due to the massive scope of this cybercrime in both money and manpower, I'm expecting we'll be hearing new details on this incident as they unfold for quite some time.

"This was indeed the largest theft of this type that we have yet seen," said Loretta Lynch, the U.S. Attorney in Brooklyn, N.Y., during an announcement following the arrest of the eight individuals. "This was a 21st century bank heist that reached through the Internet to span the globe. But, instead of guns and masks, this cybercrime organization used laptops and malware."

About the Author

Chris Paoli is the site producer for and


  • SameSite Cookie Changes Rolled Back Until Summer

    The Chromium Project announced on Friday that it's delaying enforcement of SameSite cookie changes, and is temporarily rolling back those changes, because of the COVID-19 turmoil.

  • Basic Authentication Extended to 2H 2021 for Exchange Online Users

    Microsoft is now planning to disable Basic Authentication use with its Exchange Online service sometime in the "second half of 2021," according to a Friday announcement.

  • Microsoft Offers Endpoint Configuration Manager Advice for Keeping Remote Clients Patched

    Microsoft this week offered advice for organizations using Microsoft Endpoint Configuration Manager with remote Windows systems that need to get patched, and it also announced Update 2002.

  • Azure Edge Zones Hit Preview

    Azure Edge Zones, a new edge computing technology from Microsoft designed to enable new scenarios for developers and partners, emerged as a preview release this week.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.