How international cyber thieves did it | Inquirer Technology

How international cyber thieves did it

/ 04:55 AM May 11, 2013

In this Saturday, Jan. 5, 2013 file photo, a person inserts a debit card into an ATM machine in Pittsburgh. A gang of cyber-criminals stole $45 million in a matter of hours by hacking their way into a database of prepaid debit cards and then draining cash machines around the globe, federal prosecutors said Thursday, May 9, 2013. AP FILE PHOTO/Gene J. Puskar

Global hackers stole $45 million in cash from 27 countries using thousands of ATMs in two separate assaults.

In one, on Dec. 22, hackers grabbed $5 million from 20 countries. On Feb. 19, they made off with $40 million in 24 countries worldwide.

Article continues after this advertisement

Here’s how they did it:

FEATURED STORIES

Phase 1: Card processor network intrusion. Using malware, hackers breached the worldwide processors for Rakbank in the United Arab Emirates and the Bank of Muscat in Oman.

Phase 2: The criminals override security protocols and hunt for the prepaid debit card systems and delete limits on the accounts. It takes months to penetrate the systems, prosecutors said.

Article continues after this advertisement

Phase 3: Access codes are created. Data is loaded onto any plastic card with a magnetic stripe—an old hotel key card or an expired credit card would do as long as it carried the account data and correct access codes.

Article continues after this advertisement

Phase 4: Cells around the globe fan out and begin to make repeated cash machine withdrawals. In New York City alone, 750 transactions were made in two hours and 25 minutes from 140 different ATMs totaling $400,000, prosecutors said.

Article continues after this advertisement

Phase 5: Hackers maintain unauthorized access to the banks to monitor the cash-out, keeping withdrawals rolling until the breach is discovered and the systems shut down.

Phase 6: Cash is laundered and organizers are paid.

Article continues after this advertisement

27 countries hit

Criminals working in cells around the world stole $45 million in just hours by hacking into a database of prepaid debit cards and making withdrawals from automated teller machines, US prosecutors said. The 27 countries where they say cash machines were plundered: Belgium, Bulgaria,  Canada,  Colombia,  Dominican Republic,  Egypt,  Estonia, France, Germany, Great Britain, Indonesia, Italy, Japan, Latvia, Malaysia, Mexico, Netherlands, Pakistan, Romania, Russia, South Africa, Spain, Sri Lanka, Thailand, Ukraine, United Arab Emirates  and the United States.

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

TOPICS: ATM, automated teller machines
TAGS: ATM, automated teller machines

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.