The Truth About Hackers Who Stole Over $1 Billion

In popular culture, a heist can go one of two ways: chaotic and guns blazing, as in the de Niro/Pacino classic "Speed," or shrewd and suave like the "Ocean's Eleven" franchise. Either case, however, usually requires a lot of legwork — a team of heavily-armed experts willing to put their lives on the line to break into wherever their prize is locked away and escape with the stolen loot.

But what if the technology used by Danny Ocean and his team is old news? What if, in fact, the biggest heists nowadays occur online, without anyone ever having to scale a building, crack a safe, or seek out a trustworthy getaway driver? And what if the scale of these thefts is more than any traditional burglar who steals from a bank vault by hand?

In 2015, a report published by the Russian security company Kaspersky Lab caused an enormous stir when it claimed that a wave of online bank crime had reached epidemic proportions — and that the sums involved were in the region of hundreds of millions of dollars.

"This is likely the most sophisticated attack the world has seen to date in terms of the tactics and methods that cybercriminals have used to remain covert," said Chris Doggett, who was the managing director of Kaspersky Lab's North American division at the time (per The New York Times).

The loss was over $1 billion

According to the BBC, Kaspersky Lab's report outlined what it described as a new generation of "unprecedented cyber robbery" — a coordinated attack on over 100 world banks it estimated is behind the loss of more than $1 billion since 2013. The cybersecurity company said that the attacks were especially unusual in that the criminals targeted the banks themselves, rather than taking money from the banks' customers.

Per The New York Times, Kaspersky Lab claimed the criminal hackers operated by infecting banks' computers with a malicious program called Carbanak, which they would send to the banks' employees with the hope that they would infect their admin computers. Once installed, the malware then works to record keystrokes and take screenshots of the banks' computers, allowing the gang to monitor the behavior of employees, mimic their actions, and fraudulently transfer the funds into the gang's overseas accounts. The hackers even used their knowledge to make ATMs dispense cash at a whim.

The world's major banks were hesitant to comment on the report and risk drawing attention to the fallibility of their security systems. In 2018, the leader of the Carbanak gang — whose members are based in Ukraine, Russia, and China, according to the BBC — was finally arrested, according to Europol.