The Russian Kaspersky Lab Company specialized in IT security said a gang named ‘Carbanak’ was behind the wave of hacking of bank accounts via the Internet which kept the world preoccupied in recent months and has caused losses worth nearly one billion dollars, reports Al-Rai daily.Kuwaiti banking sources had said earlier that Kuwaiti banks were safe but according to a report issued by Kaspersky Lab, Kuwait is being constantly targeted. The banking sources confirm that the reports issued by auditors yesterday confirm the safety of the banking system.
However that does not mean the sector will stop taking precautionary measures in the face of any emergency. Kaspersky Lab says it has seen evidence that $300 million has been stolen from clients and believes the figure can run three fold.
However, that projection is impossible to verify because the thefts were limited to $10 million per transaction, though some banks were hit several times. In many cases the hauls were more modest, presumably to avoid setting off alarms. Meanwhile, according to an earlier report, Kaspersky Lab, INTERPOL, Europol and authorities from different countries have combined efforts to uncover the criminal plot behind an unprecedented cyber robbery. Up to one billion American dollars was stolen in about two years from financial institutions worldwide.
The experts report that responsibility for the robbery rests with a multinational gang of cybercriminals from Russia, Ukraine and other parts of Europe, as well as from China. The Carbanak criminal gang responsible for the cyber robbery used techniques drawn from the arsenal of targeted attacks. The plot marks the beginning of a new stage in the evolution of cybercriminal activity, where malicious users steal money directly from banks, and avoid targeting end users. Since 2013, the criminals have attempted to attack up to 100 banks, e-payment systems and other financial institutions in around 30 countries. The attacks remain active.
According to Kaspersky Lab data, the Carbanak targets included financial organizations in Russia, USA, Germany, China, Ukraine, Canada, Hong Kong, Taiwan, Romania, France, Spain, Norway, India, the UK, Poland, Pakistan, Nepal, Morocco, Iceland, Ireland, Czech Republic, Switzerland, Brazil, Bulgaria, and Australia. It is estimated that the largest sums were grabbed by hacking into banks and stealing up to ten million dollars in each raid.
On average, each bank robbery took between two and four months, from infecting the first computer at the bank’s corporate network to making off with the stolen money. The cybercriminals began by gaining entry into an employee’s computer through spear phishing, infecting the victim with the Carbanak malware. They were then able to jump into the internal network and track down administrators’ computers for video surveillance. This allowed them to see and record everything that happened on the screens of staff who serviced the cash transfer systems.
In this way the fraudsters got to know every last detail of the bank clerks’ work and were able to mimic staff activity in order to transfer money and cash out.
How was the money stolen
1) When the time came to cash in on their activities, the fraudsters used online banking or international e-payment systems to transfer money from the banks’ accounts to their own. In the second case the stolen money was deposited with banks in China or America.
The experts do not rule out the possibility that other banks in other countries were used as receivers.