In 2013, an ATM in Kiev began dispensing cash at arbitrary times of the day, as large piles of money were picked up by customers that happened to be in the right place at the right time. Kaspersky Lab, a Russian security firm that’s the world’s largest privately held vendor of endpoint protection solutions, has dubbed an Eastern European cybercrime group the “Carbanak Gang” after being called to the Ukraine to investigate the situation. A recent New York Times article entitled “Bank Hackers Steal Millions via Malware” discusses how the firm soon found out that the delinquent ATM machine wasn’t the bank’s only problem. The bank’s internal computers, used for daily transfers and bookkeeping by employees, had been infiltrated by a specific malware that allowed for the recording of every move made on the system. This particular malware went undetected for months, allowing for video feeds and images to be sent to the criminal group (which included Russians, Chinese, and Europeans) in regards to how the bank conducted its daily routines. After this information was collected, the group impersonated bank officers in order to turn on ATMs and transfer millions of dollars from banks in Russia, Japan, Switzerland, the U.S., and the Netherlands into fake accounts that had already been setup in other countries. According to Kaspersky’s analysis, more than 100 banks and financial institutions in over 30 nations were hit, making this one of the largest bank thefts in history. Unfortunately, due to nondisclosure agreements, the specific banks that were targeted cannot be named.

The New York Times article, which provides a more informative read, can be found here: