Overdraft-fiddling hackers cost banks in Eastern Europe $100m

Hybrid cyber attacks on banks in former Soviet states have already resulted in estimated losses of $100m. Security researchers at Trustwave report today that cybercriminals are using mules to open accounts with counterfeit documents while hackers compromise the bank's systems to obtain unauthorised privileged access and break …

  1. Semtex451
    Coat

    Is this the FBI getting "payback"?

    1. Anonymous Coward

      Maybe

      I have trouble believing that Iran-Contra was a one-off.

      1. jaduncan

        Re: Maybe

        That was a CIA op.

  2. AndyS

    > the average amount around $5m (in cash)...

    > In all cases, the theft took place using normal withdrawals from various cash terminals outside the bank's originating country.

    Where does one find cash machines which can hand out this much cash? Aren't most limited to around £300 (or the local equivalent) per day, or at least per transaction?

    1. a_yank_lurker

      @AndyS - It's a combination of multiple accounts, phishing, and multiple transactions per account. They are getting inside the decision loop of the bank by various tricks. Keep the amounts 'reasonable', the transactions following a reasonable pattern, etc. and it will take a while before anyone notices. Plus, if one uses the accounts sort of correctly, the bank may be slow to realize they are fake.

    2. Throatwarbler Mangrove Silver badge
      Joke

      "Aren't most limited to around £300 (or the local equivalent) per day, or at least per transaction?"

      Maybe at the plebeian institutions at which you bank, commoner.

    3. MonkeyCee

      Emptying machines

      My understanding on carding fraud is that this is quite a distributed crime. So group A sets up accounts using fake documentation, passing on the legit cards to B and getting paid. B sorts the auth improvements, then sells the cards and PINs to C through Z in the compromised accounts.

      C through Z will be a group of mules, usually "on holiday" outside their own country. They will have a stack of cards with the associated PINs (individual security controls may vary), and will punch through the stack at a particular machine.

      While there is a transaction limit, often all that will be checked is a cached version of this. So the mules get 300 quid per card per machine. Some machines can be hit multiple times, but 50 cards can get you 15 grand a day. Assume timing withdrawals to be over the weekend, maybe three payouts per card before anything is flagged.

      Some ATM networks in certain countries are more vulnerable to this, due to the way they update available funds between accounts. I expect you could withdraw at least to the overdraft limit, and probably 3 times it in certain places, if you knew where to look. No idea if there is an overlap with places you could also access to approve overdrafts.

      The cash goes to a local money broker, who takes their cut and pays out the boss of the end mules. Mules go home, get paid there.

      The difference this time is the usual method is getting legit details through a skimmer, then loading them on a blank card and using that. This uses legitimate cards obtained with fake IDs.
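Added example, not part of the thread: an issuer-side check for the two patterns the comment above describes, a card's daily total exceeding its limit when summed across terminals, and a stack of foreign-issued cards worked through one machine. The record layout, thresholds and sample rows are assumptions constructed for illustration; only the 300 figure comes from the thread.

```python
from collections import defaultdict
from datetime import datetime, timedelta

DAILY_LIMIT = 300                      # per-card daily limit (figure quoted in the thread)
STACK_WINDOW = timedelta(minutes=30)   # assumed window for "one visit" to a machine
STACK_CARDS = 5                        # assumed threshold of distinct cards per visit

def _t(hour, minute):
    return datetime(2000, 1, 1, hour, minute)   # constructed date

# Constructed rows: (time, card, issuer_country, terminal, terminal_country, amount)
SAMPLE = (
    [(_t(9, 2 * i), f"card-{i:02d}", "XX", "ATM-A", "DE", 300) for i in range(6)]
    + [(_t(11, 0), "card-00", "XX", "ATM-B", "DE", 300),     # same card, second machine
       (_t(9, 30), "local-1", "DE", "ATM-A", "DE", 100),     # ordinary local customer
       (_t(10, 0), "tourist-1", "FR", "ATM-C", "DE", 200)]   # ordinary traveller
)

def over_limit_cards(rows, limit=DAILY_LIMIT):
    """Cards whose withdrawals on one day, summed over ALL terminals, exceed limit.

    Each terminal checking only its own cached view would pass every row here.
    """
    totals = defaultdict(int)
    for ts, card, _issuer, _term, _country, amount in rows:
        totals[(card, ts.date())] += amount
    return sorted({card for (card, _day), total in totals.items() if total > limit})

def card_stack_terminals(rows, window=STACK_WINDOW, min_cards=STACK_CARDS):
    """Terminals where min_cards distinct foreign-issued cards appear within window."""
    by_terminal = defaultdict(list)
    for ts, card, issuer, term, term_country, _amount in rows:
        if issuer != term_country:
            by_terminal[term].append((ts, card))
    flagged = []
    for term, events in by_terminal.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            if len({card for _ts, card in events[start:end + 1]}) >= min_cards:
                flagged.append(term)
                break
    return sorted(flagged)
```
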

  3. Anonymous Coward

    Step 2: Obtain unauthorized privileged access to the banks' network

    After that, the overdraft scam is just one of many possibilities...

  4. Anonymous Coward

    It is good to see that Microsoft products are so popular at Russian banks.

    Keep up the good work.

  5. pyite42

    Deserved

    Banks deserve this for the way they try to encourage as many overdrafts as possible.

    Their systems have the capability to prevent overdrafts from ever happening, but they choose not to use it.

  6. Gustavo Fring

    and this would be solved by

    Blockchain? Maybe... it would at least make all the money traceable, possibly... but could blockchain ever scale enough to work in real time or close to it?

    I suspect the withdrawals are done in multiple units of £300 or equiv by many ppl.

    1. Anonymous Coward

      Re: and this would be solved by

      Whatever you give with one hand you take with the other. If it is traceable then it is for everyone. It may also be reversible for everyone.

      At which point there is a lot more control over to one side of the arrangement. Would people trust selling to any customer who could reverse a transaction? Or buy from anyone who could trace which account the money came from?

      As always there is no perfect solution. Someone somewhere has to give something up... and I doubt it will be the big paychecks at the boardroom meetings.

  7. David Roberts

    Cash is King

    Traceability of transactions to fraudulent cards linked to fraudulent accounts with fraudulent overdrafts is kinda pointless.

    The money has been withdrawn in cash. Gone.
