{"id":78860,"date":"2015-02-17T23:36:49","date_gmt":"2015-02-17T21:36:49","guid":{"rendered":"http:\/\/onsoftware.en.softonic.com\/?p=78860"},"modified":"2025-07-02T00:17:43","modified_gmt":"2025-07-02T07:17:43","slug":"up-to-1-billion-stolen-in-massive-bank-hack","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/up-to-1-billion-stolen-in-massive-bank-hack\/","title":{"rendered":"Up to $1 billion stolen in massive bank hack"},"content":{"rendered":"

Security firm Kaspersky Lab revealed a massive worldwide security breach across 100 banks<\/strong> and electronic payment systems around the world, including those in the United States. It is estimated that as much as $1 billion has been stolen using this security exploit, which first appeared in late 2013.<\/p>\n

An \u2018Ocean\u2019s Eleven\u2019 style hack<\/h3>\n

A multinational network of cyber criminals from Russia, Ukraine, China and other European countries are responsible for the breach, according to Kaspersky. What\u2019s interesting is the sophistication and patience the hackers exhibited.<\/p>\n

Each attack took an average of two to four months. Using spear phishing<\/strong>, a type of phishing email that targets specific organizations, hackers were able to install malware called Carbanak<\/strong> onto a bank employee\u2019s computer.<\/p>\n

Carbanak allowed hackers to monitor the behavior of bankers<\/strong> over months before stealing money. \u201cThis allowed the attackers to understand the protocols and daily operational tempo of their targets,\u201d says Kaspersky in its report.<\/p>\n

Another method the hackers used to stay under the radar was to limit the amount of money stolen to $10 million from each bank. Kaspersky speculates this limit was dictated by the fact that $10 million is the maximum amount budgeted by banks for fraud risk, hoping banks wouldn’t launch a full scale analysis of its systems. If spread out over 100 banks, the total amount stolen could top $1 billion. Out of the affected banks, 42% are located in Russia and only 10% are in the US<\/strong>.<\/p>\n

\"Carbanak<\/p>\n

While most cyber thefts are more smash-and-grab, the methodical nature<\/a> of this hack is \u201cmuch more \u2018Ocean\u2019s Eleven\u2019\u201d, says managing director of Kaspersky North America Chris Doggett.<\/p>\n

Hackers transferred money from banks to personal accounts and even attacked ATMs, scheduling machines to dispense money at specific locations and times where a member of the hacking group would be waiting.<\/p>\n

An ongoing attack<\/h3>\n

\"How<\/p>\n

No banks have come forward to acknowledge the hack as of yet. However, a representative from Bank of America responded saying it \u201cwas not impacted by Carbanak\u201d. Other banks I’ve reached out to did not respond to my inquiries.<\/p>\n

Kaspersky says the attack is still on-going and that it is working with law enforcement to track down the hackers. Security reporter Brian Krebs<\/a> reported on this vulnerability back in December 2014, explaining how Russian and Ukrainian hackers managed to attack ATMs from inside banks.<\/p>\n

The attacks began in December 2013<\/strong> with peak infections occurring in June 2014. Kaspersky knew about the attack but didn’t release details until now because the investigation remains open. The company was asked by law enforcement not to divulge the information too early into the investigation.<\/p>\n

Easy pickings<\/h3>\n

Although the $1 billion figure is shocking, the methods the thieves used to access banking systems are not. Techniques like spear phishing have been around for a long time. Spear phishing targets organizations with fake emails<\/strong> dressed up to look like legitimate correspondences to get bank employees to download infected attachments<\/strong> like Word documents.<\/p>\n

\"SecurityPhoto credit: 401(K) 2012 via Flickr<\/a><\/em><\/p>\n

Once an employee downloads or clicks on a malicious link, the Carbanak virus gets injected into the computer. Carbanak is what\u2019s known as a RAT (remote access tool)<\/strong>, which allows a hacker to see everything on a person\u2019s computer, assume control and even log keystrokes.<\/p>\n

After gaining access to one bank\u2019s computers, the hackers then mounted additional spear phishing email attacks against other banks, sending the emails from legitimate bank addresses and impersonating employee behavior.<\/p>\n

Banks failed to employ basic security practices<\/h3>\n

\"Computer<\/p>\n

Banks could have avoided being hacked if they took basic security measures. RATs are nothing new and neither are the phishing techniques that plague us today.<\/p>\n

The Carbanak virus was distributed in infected Microsoft Office attachments<\/strong>. Having an updated version of Microsoft Office would have stopped the attack dead since these security vulnerabilities have already been patched.<\/p>\n

Providing basic cyber security training for employees could have also led to the detection of spear-phishing emails that housed the infection.<\/p>\n

On the whole, cyber security is not being taken seriously by many banking institutions. American Express, Capital One and Citibank all lack basic two-factor authentication<\/a>, which goes a long way in protecting its customers\u2019 accounts. Head over to https:\/\/twofactorauth.org\/<\/a> to see which banks and services still don\u2019t use two-factor. While banks are looking at increasing security for its customers, some forget to increase security for its own employees<\/strong>.<\/p>\n

Out of your hands<\/h3>\n

I’ve preached basic security practices like using a password manager<\/a> and enabling two-factor authentication but in this case, there\u2019s not much you can do. The Carbanak attack is specifically targeting banks<\/strong> and not individual accounts, but you should still check your accounts often for suspicious behavior<\/strong>.<\/p>\n

\u201cConsumers should check both their online and paper statements on a regular basis for unusual activity. Additionally, consumers should be cautious when downloading attachments and opening links from both from people or institutions they do not know and do know. If an email claiming to be your banking institution seems suspicious, it could be a phishing scam and you should double check with your bank to make sure the email is really from them,\u201d says Avast COO Ondrej Vlcek.<\/p>\n

\"AvastAvast Free Antivirus 2015<\/a> checks for outdated software<\/em><\/p>\n

To make sure you don\u2019t fall prey to the same methods of attack as banks affected by Carbanak, make sure to keep your computer updated<\/strong> with the latest software and system updates. Windows users can check for updates in Windows Update and Mac users can check in the Mac App Store. If an email seems suspicious to you, visit your bank\u2019s site directly or give them a call.<\/p>\n

You can also use a service like Mint<\/a> to monitor all of your financial accounts. Mint sends you notifications of any suspicious activity and lets you quickly glance at anything that might be off with your accounts. There are Mint mobile apps (Android<\/a> | iOS<\/a>) you can download to get notifications faster.<\/p>\n

Unfortunately, corporate negligence for security is commonplace<\/strong>. Target\u2019s breach last summer showed how slow the company ignored early warnings, resulting in 1 to 3 million stolen credit card numbers<\/a>. Sony Pictures kept their passwords in an unencrypted plaintext file<\/a> and didn’t encrypt its employees\u2019 emails. Home Depot admitted its 2014 hack was attributed to the company\u2019s policies of meeting security standards, rather than anticipating new threats<\/a>.<\/p>\n

All we can do is wait to hear which banks have been affected and how they\u2019re going to patch their security holes.<\/p>\n

Source: Kaspersky [PDF]<\/a>, 2<\/a><\/em><\/p>\n

Related Stories<\/h3>\n

Anthem health insurance hacked. Here’s how to protect yourself.<\/a><\/p>\n

Apple silently pushes critical security update to Mac users for the first time<\/a><\/p>\n

Ignite \u2013 carriers could start installing apps on Android phones without your permission<\/a><\/p>\n

Follow me on Twitter: @lewisleong<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

Security firm Kaspersky Lab revealed a massive worldwide security breach across 100 banks and electronic payment systems around the world, including those in the United States. It is estimated that as much as $1 billion has been stolen using this security exploit, which first appeared in late 2013. An \u2018Ocean\u2019s Eleven\u2019 style hack A multinational … Continue reading “Up to $1 billion stolen in massive bank hack”<\/span><\/a><\/p>\n","protected":false},"author":2033,"featured_media":78866,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":0},"categories":[],"tags":[2760],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-78860","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","tag-app-subdomain-redirectionmassive"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/78860","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/2033"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=78860"}],"version-history":[{"count":1,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/78860\/revisions"}],"predecessor-version":[{"id":329706,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/78860\/revisions\/329706"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media\/78866"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=78860"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=78860"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=78860"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=78860"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=78860"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=78860"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}