A criminal organisation has managed to steal $1bn from banks all over the world in what security experts are calling "the most sophisticated attack the world has seen to date."
The scale of the robbery was revealed in a statement by Kaspersky Labs which has -- in partnership with Interpol and Europol -- been working to track down the cause of the thefts.
Named "Cabernak" (by Kaspersky), the criminal group is made up of hacking experts from China, the Ukraine and Russia. Starting in 2013, the group began a slow and methodical attack that included 100s of banks in over 30 different countries.
Each attack appears to have followed the same pattern: a custom-built virus is sent to the employees of the bank in the form of spam email, and once the email is opened the malware infects the computer and gains access to the bank's systems.
The malware's first use is just to monitor what the network does, help the hackers understand the bank's daily routine, study computer systems and access security cameras.
Once they have an idea of how the day pans out, the hackers then start making substantial withdrawals to offshore accounts, but -- and here's the clever bit -- because they've monitored how the bank operates, they can make the withdrawals appear normal for that specific branch.
Applying this approach to each and every bank appears to have kept their actions almost entirely hidden, with Kaspersky reporting that in some cases the hackers were able to steal huge sums of $10m and more.
Sometimes the hackers would manipulate the account figures and steal money that way. In other cases they reportedly hacked ATMs, with an associate would be physically waiting outside the bank to pick up the money.
Speaking to the New York Times Chris Doggett, Kaspersky's North American Managing Director said, “This is likely the most sophisticated attack the world has seen to date in terms of the tactics and methods that cybercriminals have used to remain covert.”
Worryingly neither Kaspersky Labs or Interpol are any closer to catching the perpetrators and thanks to a collective silence on the part of the banks, investigating the crimes has proven harder than normal.
For the moment it appears as though the group have ceased their activities however with banks proving reluctant to admit their own faults, there's nothing to stop the group from targeting more countries.