Hack Attack: $75M Stolen in Worldwide Cyber-Heist

Almost $75 million was stolen from financial institutions around the world by a fraud ring with an “insider level of understanding,” Sky News reports.

“The fraudsters’ objective in these attacks is to siphon large amounts from high balance accounts, hence the name chosen for this research — Operation High Roller,” according to a recent report from McAfee and Guardian Analytics.

“If all of the attempted fraud campaigns were as successful as the Netherlands example we describe in this report, the total attempted fraud could be as high as 2bn euro [$24B],” the report adds.

So how did they break into these bank accounts?

“The automated malicious software programme was discovered to use servers to process thousands of attempted thefts from both commercial firms and private individuals,” Sky News reports. “The stolen money was then sent to so-called mule accounts in caches of a few hundreds and 100,000 euro [$125,000] at a time.”

Credit unions, multinational banks, and smaller regional banks were all hit in the heist.

“It does include British financial institutions and has jumped over to North America and South America,” said Sky News defense and security editor Sam Kiley. “What they have done differently from routine attacks is that they have got into the bank servers and constructed software that is automated.”

“It can get around some of the mechanisms that alert the banking system to abnormal activity,” he adds.

McAfee has managed to pinpoint many of the servers used in the attack.

“They have identified 60 different servers, many of them in Russia, and they have identified one alone that has been used to steal 60m euro [emphasis added],” Kiley said. “There are dozens of servers still grinding away at this fraud — in effect stealing money.”

Meanwhile, an FBI-assisted investigation dubbed “Operation Card Shop” has led to the arrests of 24 hackers involved in a “breathtaking spectrum of cyber schemes and scams,” according to Wired.

“The two-year investigation … began in June 2010 when the FBI set up an online carding forum called Carder Profit,” Wired’s Kim Zetter writes.

“The FBI monitored and recorded communications on the forum as well as private messages sent through the site between registered users. The FBI also recorded IP addresses of users who accessed the forum,” the report adds.

A spokeswoman for the U.S. Attorney’s office explained that “Operation Card Shop” was not a sting because, technically speaking, the FBI didn’t “initiate the criminal activity.”

“All they did was set up a carding forum and then people who allegedly committed this criminal activity came to the forum,” said spokeswoman Ellen Davis.