

Over 2,000 ATMs Hit at Once by a High-Tech Heist; $9 Million in Cash Stolen in 12 Hours

Information from the Federal Bureau of Investigation — FBI.gov:  It was a highly sophisticated and cleverly orchestrated crime plot. And one unlike any we’ve ever seen before.

It culminated a year ago this month when a wave of thieves fanned out across the globe nearly simultaneously. With cloned or stolen debit cards in hand — and the PINs to go with them — they hit more than 2,100 money machines in at least 280 cities on three continents, in such countries as the U.S., Canada, Italy, Hong Kong, Japan, Estonia, Russia, and the Ukraine.

When it was all over — incredibly within 12 hours — the thieves walked off with a total of more than $9 million in cash. And that figure would’ve been more, had the targeted ATMs not been drained of all their money.

The alleged masterminds of this slick scheme — charged by prosecutors earlier this month following an extensive FBI investigation assisted by other federal agencies and our partners around the globe — were three 20-something Eastern Europeans and an unnamed person called simply “Hacker 3.”

Working together, the four hackers cooked up “perhaps the most sophisticated and organized computer fraud attack ever conducted,” according to Acting U.S. Attorney Sally Quillian Yates of the Northern District of Georgia.

  • It started when a 28-year-old Moldovan man learned of a vulnerability in the computer network of a major credit card processing company based in Atlanta. With an eye toward exploiting it, he passed that information to a hacker living in Estonia.
  • The Estonian conducted “reconnaissance” on the network vulnerability and shared what he learned with a hacker in Russia.
  • With the help of the three other hackers at varying times, the Russian busted into the electronic network, reverse-engineered the PIN codes from the encrypted system, and raised the limits on the amount of money that could be withdrawn from the prepaid payroll debit cards. (These cards, used by many companies, enable employees to withdraw their salaries from an ATM.)
  • In addition to providing computer support, Hacker 3 managed the network of thieves around the world—called “cashers”—who used a total of 44 counterfeit cards to withdraw the $9 million. The Estonian also managed his own cashing group.
  • As the cashers went to work, the Russian took the lead in monitoring the victim company’s database to track the illegal withdrawals. With the Estonian, he later deleted or tried to delete files on the computer network to cover their tracks.
  • When the ATM thefts were complete, Hacker 3—with the help of the Estonian—gathered and divvied up the proceeds. The cashers got to keep 30 to 50 percent of the money they stole; the rest went to the four hackers.

Fortunately, the company reported the breach immediately, and we quickly got to work. Our ensuing case was made with a great deal of international cooperation and even led to joint investigations overseas. Suspected cashers, for example, have also been identified and arrested in Estonia and Hong Kong.

The case is a testament to both the globalized nature of crime in today’s world and the international reach of the FBI, which depends more and more on a network of 61 overseas offices worldwide to protect the U.S. from a range of national security and criminal threats.

For more information, go to FBI.gov.

(FBI badge photo and Cyber-crime graphic from FBI.gov)

*********

Please Note: All suspects are presumed innocent unless and until proven guilty in a court of law.

This column is provided for general information purposes only. Please check with your local law enforcement agency and legal professional for information specific to you and your jurisdiction.

The information in this article is provided “as is”, with all faults, expressed or implied. The author and/or publisher and/or copyright holder makes no guarantee regarding the accuracy or completeness of the information. In no event shall the author and/or publisher and/or copyright holder be liable for any incidental or consequential damages, punitive damages, lost profits, and/or any indirect damages.
