Bank robbery Global Network of cyber criminals stole $45m from ATMs

By Pierluigi Paganini, Editor-in-Chief, CDM

May 13, 2013, 11:30 am EST

The news on the biggest bank robbery with a cyber attack against ATMs in the history is conquering the Network, US law enforcement has revealed the details of the vast fraud arranged by a cyber gang that exploit out of date card technology to empty cash machines in 27 countries from Canada to Russia.

It’s not clear who is behind the cyber bank robbery and the organizational level of criminals, investigators believe that number of participants in the criminal system is many hundreds across more than two dozen countries, an unprecedented fraud operated on a global scale.

The cyber criminals stolen around $45 million in a few hours, seven individuals were arrested in the US, accused of operating the New York cell of the group that that carried out thefts at ATMs all over the world.

Authorities announced that the individuals arrested are US citizens and residents of Yonkers, New York, they are Jael Mejia Collado, Joan Luis Minier Lara, Evan Jose Peña, Jose Familia Reyes, Elvis Rafael Rodriguez, Emir Yasser Yeje and Chung Yu-Holguin.

The seven people are accused of the theft of $2.4 million from hundreds of New York ATMs during the attack in February in the US, the crimes not impacted on user’s bank accounts, the money was stolen from accounts issued by banks.

U.S. Prosecutors declared that Law enforcement agencies of various nations were involved in the investigation, the first attack conducted by the network of criminals occurred on December 22th 2012 when the gang compromised an Indian database for pre-paid MasterCard debit cards of a bank in the United Arab Emirates.

The situation created serious damage; affiliates to the group were able to clone magnetic stripe cards, stealing around $5 million from ATMs across 20 countries in just a few hours.

A couple of months after, on 19 February 2013, the heist of the century has become a reality, a second attack was conducted against a US payment processor handing the UAE bank hit in December, this time the network of criminals has stolen $40 million operating in few hours around 36,000 different transactions from ATMs in 20 countries.


Here’s the fraud schema reported by ABC news

“Hackers got into bank databases, eliminated withdrawal limits on pre-paid debit cards and created access codes. Others loaded that data onto any plastic card with a magnetic stripe — an old hotel key card or an expired credit card worked fine as long as it carried the account data and correct access codes.A network of operatives then fanned out to rapidly withdraw money in multiple cities, authorities said. The cells would take a cut of the money, then launder it through expensive purchases or ship it wholesale to the global ringleaders. Lynch didn’t say where they were located.”

The seven individuals arrested in the US aren’t the unique components of the network identified, the eighth defendant charged in the indictment , Alberto Yusi Lajud-Peña, also known as ‘Prime’ and ‘Albertico,’ have been murdered in the Dominican Republic on April 27 in the Dominican Republic.

Loretta Lynch, US Attorney for the Eastern District of New York declared:

“The defendants and their co-conspirators participated in a massive 21st Century bank heist that reached across the internet and stretched around the globe,” “In the place of guns and masks, this cybercrime organization used laptops and the Internet,”

The flaws in the payment processors exploited by the global network of criminals are not new, in the 2008 a Russian group of criminals realized  another clamorous attack against US ATM machines fortunately they have been arrested by the Russian Security Service (FSB).

The principal difference between the attack occurred in 2008 and the recent bank robbery is in the amount of data stolen in the last fraud if five times greater, in November 2008 the hackers cloned payroll cards to steal the money from 2,100 cash machines across the US in a 12-hour period after the criminals cracked the encryption used to protect cards from tampering.

The principal concern of law enforcement and security experts is related to the possibility that similar attacks could increase in the next months, Costin Raiu, director of Kaspersky Lab’s Global Research & Analysis Team commented the event:

“A lot of these attacks would go away by getting rid of the stripe and updating the US payment systems to use the chips,” 

“I believe it makes sense for the banks to invest in upgrading the cards in the US and worldwide,”

“Unfortunately these types of cybercrimes involving ATMs, where you’ve got a flash mob going out across the globe, are becoming more and more common,” said Rose Romero, a former federal prosecutor and regional director for the U.S. Securities and Exchange Commission.

“I expect there will be many more” of these types of crimes, she said.

Today a bank robbery is not accomplished more with guns and caps, criminals have evolved, the keyboards have become the means of burglary to force banks and financial institutions.

In my opinion the only way to fight cybercrime is to start thinking as a hacker that why I consider these professional essential for every sector of our society, from defense to banking.

(Source: CDM & Security Affairs – Cybercrime)

May 13, 2013

cyber defense awardsWe are in our 11th year, and Global InfoSec Awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.
Cyber Defense Awards

12th Anniversary Top InfoSec Innovator & Black Unicorn Awards for 2024 are now Open! Finalists Notified Before BlackHat USA 2024...