According to the report published in The New York Times on Saturday, a group of hackers — including Russians, Chinese, and Europeans — has infected systems of more than 100 banks and other financial institutions with a dangerous virus named Carbanak to spy on bank officials and steal millions of dollars. The information was provided and confirmed by the Russian cybersecurity company Kaspersky Lab.
As the Moscow-based firm points out, the hacker group has been studying the internal banking life for around two years, and it has collected a lot of facts to be able to mimic the behavior of bank officers.
The malware, which was designed to destroy the banking system, had its access to bank computers via emails. On behalf of so-called colleagues, cybercriminals sent files containing the malware to employees. Once opened, the email started downloading a malware code which recorded keystrokes and took screen shots of the bank computers. It allowed hackers to control every movement of a person working on the computer, and that in turn allowed transferring money in variety of ways from the banks to fake accounts or ATMs monitored by hackers.
The exact sum of stolen money is not clear yet, but there has been the evidence of $300 million in theft through clients, and the total amount could actually triple that, making this cyberattack “the most sophisticated attack the world has seen to date.”
No bank has ever announced that its system was so easily penetrated. In January, President Obama called for federal law that would require public revelation of any breach of personal or financial data.