Why don't criminals rob banks anymore?
Hacked Financial Institutions: Criminals attack the infrastructure of banks
Withdraw money from the machine - and the account balance does not change. A Russian group of cyber criminals has apparently achieved what many have secretly wished for, as the security company Kaspersky writes.
What is new is that the gangs no longer just try to attack individual customers' accounts using Trojans and spear phishing, but rather manipulate the infrastructure of banks in a targeted manner. The Metel group uses vulnerabilities in the browser to install tools such as the Niteris exploit kit on the computers of bank employees. In addition, malware is installed on the computers of bank employees via spear phishing.
From there, the criminal groups try to gain access to other systems in the bank in order to enable later attacks. In the end, they manage to withdraw money from ATMs without the account balance falling afterwards. The gangs take manipulated cards issued by a compromised bank and use them in another bank's ATMs. The malware ensures that the daily withdrawal limit of the cards is bypassed. In this way, the gangs are said to have emptied several ATMs belonging to various banks in several Russian cities at night.
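A defender-side check for the pattern described above, as an added example that is not part of the original article or of Kaspersky's report: it reconciles cash dispensed at ATMs against the net postings on the card-issuing bank's ledger, per card and day. The record layout, the daily limit of 500 and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from decimal import Decimal

DAILY_LIMIT = Decimal("500")  # assumed per-card daily limit (illustrative)

# Constructed sample records, not real data.
# Cash physically dispensed, as reported by the ATM operator: (date, card, amount)
DISPENSED = [
    ("2016-02-01", "card-A", "300"),
    ("2016-02-01", "card-A", "300"),
    ("2016-02-01", "card-A", "300"),
    ("2016-02-01", "card-B", "200"),
    ("2016-02-02", "card-B", "400"),
]
# Postings on the issuing bank's ledger: (date, card, signed amount)
LEDGER = [
    ("2016-02-01", "card-A", "-300"), ("2016-02-01", "card-A", "300"),
    ("2016-02-01", "card-A", "-300"), ("2016-02-01", "card-A", "300"),
    ("2016-02-01", "card-A", "-300"), ("2016-02-01", "card-A", "300"),
    ("2016-02-01", "card-B", "-200"),
    ("2016-02-02", "card-B", "-400"),
]

def reconcile(dispensed, ledger, limit=DAILY_LIMIT):
    """Return (date, card, cash, reasons) for every card-day that looks wrong."""
    cash = defaultdict(Decimal)  # total cash handed out per (date, card)
    net = defaultdict(Decimal)   # net ledger movement per (date, card)
    for day, card, amount in dispensed:
        cash[(day, card)] += Decimal(amount)
    for day, card, amount in ledger:
        net[(day, card)] += Decimal(amount)

    findings = []
    for key in sorted(cash):
        reasons = []
        if cash[key] > limit:
            # More cash left the machines than the card's limit allows.
            reasons.append("over_daily_limit")
        if cash[key] + net[key] > 0:
            # Cash was dispensed but the balance did not fall by that amount.
            reasons.append("cash_not_debited")
        if reasons:
            findings.append((key[0], key[1], cash[key], reasons))
    return findings

if __name__ == "__main__":
    for finding in reconcile(DISPENSED, LEDGER):
        print(finding)
```

The check depends on the dispense records coming from the ATM side rather than from the issuing bank's own systems, since the article describes the issuing bank's infrastructure as the compromised part.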
Attacks so far only in Russia
"Nowadays the active phases of a cyber attack are getting shorter and shorter. As soon as the attackers are sufficiently trained in using a certain method, they only need a few days to take what they want and then disappear," comments Sergey Golovanov, Principal Security Researcher at Kaspersky Lab's Global Research & Analysis Team. The attacks by the Metel group have so far only been found in Russia.
Another gang, called Gcman, uses various electronic payment services to send money transfers illegally. According to Kaspersky, in some cases the criminals do not even use malware, but get by with normal pentesting tools such as PuTTY, VNC and Meterpreter. In one case, the group allegedly infiltrated a bank network for more than a year and a half before making the first transfers. Each transfer was for 200 euros, the limit for anonymous transfers in Russia. The payment orders did not go through individual accounts, but were sent directly to the "Upstream Payment Gateway" and executed there.
The so-called Carbanak Group has been in business the longest. It no longer only attacks banks, but also targets the accounting departments of companies. In the case of a financial institution, the group allegedly changed information about the ownership of a large company in this way. The name of a money mule was registered as a co-owner.
In addition, the group is said to have developed a technique to induce ATMs to dispense money at a predetermined time without a transaction having been made.
Unsurprisingly, Kaspersky recommends the use of virus scanners to secure the infrastructure. But actually there are numerous standards, especially in the financial sector, which provide very good security mechanisms (for example the EMV procedure), but which are poorly implemented by financial institutions in order to save costs. However, due to the globally networked payment systems, security gaps or a lack of identity checks by foreign banks can also become a problem for German customers.