Out-Law News 1 min. read
16 Feb 2015, 5:09 pm
Kapersky Lab is working with Interpol, Europol and other authorities to find out more about the gang, which is stealing directly from banks rather than from individual accounts, Kapersky Lab said in a statement.
The criminal gang, which Kapersky Labs has called Cabernak, tricked employees into opening malicious attachments that let it access the bank's internal network and video surveillance systems.
Using the videos, the gang learned how bank clerks work, to be able to mimic their activity when moving money, the security company said. It then used online banking or international e-payment systems to transfer money to its own accounts, without the system spotting any discrepancies in how things were done.
In other cases, Cabernak inflated the balance of existing customer accounts, then transferred the excess to its own accounts. The account holder did not notice as their regular balance remained in the account.
Cabernak also took control of ATMs and progammed them to dispense cash at a time when a gang member will be there to pick up the money, Kapersky labs said.
"These bank heists were surprising because it made no difference to the criminals what software the banks were using. So, even if its software is unique, a bank cannot get complacent. The attackers didn’t even need to hack into the banks' services: once they got into the network, they learned how to hide their malicious plot behind legitimate actions. It was a very slick and professional cyber-robbery,” said Sergey Golovanov, principal security researcher at Kaspersky Lab’s global research and analysis team.
Kaspersky Lab said that the attacks were perpetrated by a multi-national group of criminals from from Russia, China, Ukraine and other parts of Europe and urged financial organisations to scan their networks for the presence of Carbanak and report any intrusion to the police.