Cybersecurity Threat: 5 Cyber Criminals Arrested for $2.6M ATM Heist Using Malware

Cybersecurity alert: ATMs hacked with malware; $2.6 million stolen; 5 arrested, 3 sentenced

Suspected of a massive cybersecurity breach, five members of an international cyber criminal gang have been arrested and charged with stealing cash amounting to $2.6 million using malware attacks on ATMs.

The Taiwanese Criminal Investigation Bureau had already arrested three of the suspects. One has been arrested by the Romanian National Police, while the other was apprehended by the Belarusian Central Office of the Investigative Committee.

According to Europol, the European-based cyber crime gang stole a total of $2.6 million from ATMs using various hacking techniques and malware to force the ATMs belonging to the First Bank to dispense cash.

Their modus operandi was to target email IDs of bank employees with spear-phishing emails with malicious attachments and get into the bank’s internal system that way, after which they would find and hack specific ATMs from inside the network, forcing the ATMs to spit out cash. They were even careful enough to infect the ATMs to delete nearly all traces of their activities.

The three arrested in Taiwan have already been sentenced to 5 years in prison each. The mastermind of the operations, Peregudovs Andrejs from Latvia and his cohorts Colibaba Mihail and Moldovan Niklae Penkov from Romania, were originally charged with “fraud and offenses against computer security” in July 2016.

The sentence sought by the Taipei District Prosecutor’s Office was 12 years, but after the indictment in September, prosecutors said they would decide whether to file an appeal for longer sentences.

In addition to the three who were arrested, there were 19 more suspects who had fled Taiwan. These suspects were then put on a wanted list, after which two more were arrested.

Much of the money has been recovered. Some from the hotel where the three captured suspects were staying, some from a bag found near a park and still more from a man who had found another bag at the same site, but earlier in the day.

A total of $185,000 of the total stolen amount is yet to be recovered.

The European counterpart for the police operation that led to the arrest of the fourth and fifth suspects was Europol, and its European CyberCrime Centre (EC3) helped the investigation by analyzing the seized equipment and data, and organizing operational meetings in Asia as well as Europe.

The EC3’s chief, Steven Wilson, issued a statement:

“The majority of cyber crimes have an international dimension, taking into account the origins of suspects and places where crimes are committed. Only through a coordinated approach at the global level between law enforcement agencies can we successfully track down the criminal networks behind such large-scale frauds and bring them to justice.”

There’s evidence to show that Wilson’s words are, indeed, true, because the internet has melted away international borders. Threat actors can be thousands of miles away from the “scene of the crime” yet reap millions of dollars in the form of stolen data or, in this case, cash.

SEE: What is the Dark Web, and What Does a Hacked Credit Card Cost?

The dark web offers the perfect marketplace atmosphere to sell the stolen data, and there are customers willing to pay a pretty penny for hacked data such as credit card information, email addresses with user details and even entire corporate mailboxes.

With the proliferation of the Internet of Things containing billions of connected devices, and the growth of cloud computing, there are any number of new and emerging ways to conduct acts of cyber crime, and new ways for threat actors to defeat the strongest cybersecurity systems using their weakest points.

Thanks for reading our work! Please bookmark to keep tabs on the hottest, most happening tech and business news from around the world. On Apple News, please favorite the 1redDrop channel to get us in your news feed.

Source 1 | Source 2