ATM Hacked, new ways of cyber attack - EaglesInvestors

Banks fear the proliferation of cyber-attacks against cash machines. Ten days after a digital “hold-up” in India, the case of the ATM hacked. At the beginning of the summer, the FBI sent a confidential note to US banks.

The police warning them of the risk of computer attacks targeting cash machines. Referred to as “ATM Cashout” or ATM hacked, the operation finally hit India on August 11th. In less than two hours that day, more than 805 million rupees (about 10 million euros) were withdrawn from more than 2,100 ATMs in 28 different countries.

ATM hacked

It turns out that the 15,000 withdrawals made this Saturday were the work of accomplices of a network of hackers. They managed to penetrate the computer networks of the targeted bank. The scenario here is exactly the main fear of the US federal agency. The attackers, not yet identified, managed to “corrupt” the systems governing the IT networks. But they also managed to connect to the Swift interbank network. Hence fraudulently transfer an additional 139 million rupees (1.73 million euros) to a bank in Hong Kong on 13 August.

Cosmos Bank, headquartered in Pune in the heart of India, is the second-oldest banking group in the country. Founded in 1906, it now has some two million customers. His internet services were immediately disconnected while cybersecurity experts determined whether the attack was circumscribed.

ATM hacked, a threat “more devastating than the previous ones”

The Indian police mobilized a team of ten investigators on this file. The images recovered from the looted distributors are being scrutinized. Indeed they are searching to identify possible accomplices in this ATM hacked case. A “cyber” unit is trying, for its part, to understand more precisely the modus operandi of attackers. More precisely the type of malware used and how to track down suspicious financial flows. The consulting firm PricewaterhouseCoopers was also tasked with an audit to ensure that the fraud was not larger.

Banks are regularly the target of sophisticated hackers. Another Indian institution, the City Union Bank, was the subject of a virtual hold-up, worth nearly $ 2 million, last February. IT managers in many financial groups think that unfortunately, the phenomenon will gain momentum in the months to come.

ATM hacked and techniques

“The threat of attack spotted by the FBI is indeed different and more devastating than the previous ones. Criminals infiltrate into the bank’s IT infrastructure to steal and clone bank cards, remove fraud controls and limits withdrawal. Then they coordinate large-scale ATM withdrawals to steal large sums of money” confirmed Jean-Christophe Vitu, CyberArk’s vice president for Europe, Africa, and the Middle East.

These techniques are well known, even if they have been perfected. “In 2008, an attack targeted the Royal Bank of Scotland (RBS) and allowed to steal $ 9 million in less than 12 hours, via more than 2,100 ATM hacked. Since then, hackers targeting financial institutions have followed one another, including the cyberbanking of the Central Bank of Bangladesh in 2016 and more than $ 81 billion stolen. Common points of these targets: poor security of the IT infrastructure, especially access privileges. In the majority of the cases, hackers break into the networks by masquerading as business executives. Then after by having contaminated their mailboxes, it allows them to access the heart of the system.

atm hack

ATM hacked and arrests

The elucidation of these cases is not easy. This is even more difficult as hackers now take care to erase their computer traces and even, sometimes, to maintain spyware. This one is discreetly nestled in the computer network and can even monitor the progress of the investigation.

“Fortunately, our techniques are also progressing,” says a source at the National Agency for Security Information Services (Anssi). Cooperation continues to intensify between national agencies, but also with a number of private groups, confronted, like the Countries, with this threat.

In March, such collaboration between the FBI, Romanian, Belarussian and Taiwanese police as well as private companies (led by the Russian group Kaspersky). It led to the arrest in Spain of several members of the Carbanak network. start with his brain. This “cybergang” managed to steal nearly a billion euros in five years.

These hackers had begun to talk about them and its ATM hacked in late 2013. Their Anunak software targeted financial transfers and ATM networks. The following year, they had created a more sophisticated version of this software, called “Carbanak“, and used until 2016. They then launched a wave of cyber attacks even more sophisticated. Indeed thanks to a malicious program called “Cobalt Strike“, it allowed them to “get out” money in a coordinated way in nearly forty different countries. This ATM hacked operation, designated by specialists under the name “Grand Mars”, the largest to date, had not spared Europe. The United Kingdom, France, Sweden, and Germany had been affected. But no banking group has, so far, wished to communicate on the damage suffered at the time.

Leave a Reply

close-link
close-link