26 Mar Banks breathe easier with ATM, cybercriminal hacker’s arrest
In a coordinated sting, Spanish police, Europol and the FBI arrested a notorious Ukrainian hacker behind $1.2 billion (€1 billion) of ATM and bank scams across Europe and in 40 countries around the world since 2013. Police in Romania, Belarus and Taiwan also took part in the apprehension.
The gang leader, identified only as Denis K, was arrested in the Spanish coastal resort city and port of Alicante, legendary for its cuisine and exciting nightlife. He is alleged to have coordinated a small group of sophisticated hackers and cyber criminals through Internet chat rooms.
How the hackers operated
The hackers utilized the Carbanak malware between 2014 and 2016 and, in 2017, used the more advanced Cobalt Strike penetration software. Malware would be sent to bank employees, and when opened, allowed hackers to take control of employee computers and bank systems.
The gang also used online payments to funnel money from banks into criminal accounts as well as hacking data to inflate bank accounts and withdraw funds by a network of accomplices and “mules.”
More than 100 financial institutions were targeted in the ATM and financial scams, sometimes as large as $12.45 million (€10 million) each.
How the hackers cashed out
In a statement, Europol described how the criminals would cash out their stolen loot:
- “ATMs were instructed remotely to dispense cash at a pre-determined time, with the money being collected by organized crime groups supporting the main crime syndicate: when the payment was due, one of the gang members was waiting beside the machine to collect the money being ‘voluntarily’ spit out by the ATM;
- The e-payment network was used to transfer money out of the organization and into criminal accounts;
- Databases with account information were modified so bank accounts balance would be inflated, with money mules then being used to collect the money.”
Profits were also laundered using cryptocurrencies and debit cards from Gibraltar and the UK which were used to buy expensive real estate and luxury cars.
Spanish police said the gang leader had more than 15,000 bitcoins, worth an estimated $120 million. They estimate millions of dollars were spent on technology and payments used in cyberattacks against banks in Russia, working with Russian and Moldavian Mafia.
Europol, international police collaboration worked
Europol credited the close cooperation of many police agencies for its success in capturing the criminals:
“International police cooperation coordinated by Europol and the Joint Cybercrime Action Taskforce was central in bringing the perpetrators to justice, with the mastermind, coders, mule networks, money launderers and victims all located in different geographical locations around the world.”
Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3), said:
“This global operation is a significant success for international police cooperation against a top-level cybercriminal organization. The arrest of the key figure in this crime group illustrates that cybercriminals can no longer hide behind perceived international anonymity. This is another example where the close cooperation between law enforcement agencies on a worldwide scale and trusted private sector partners is having a major impact on top-level cybercriminality.”
We can only expect cybercrime and the need for international police cooperation to grow as fintech and cryptocurrency usage mushrooms.
Photos: Alicante via Wikimedia, Europol, Pixabay