Unknown Hacking Group Pulls $300 Million International Bank Heist

Unknown Hacking Group Pulls $300 Million International Bank Heist
Image credit: Pixabay

Grow Your Business, Not Your Inbox

Stay informed and join our daily newsletter now!
Staff Writer. Covers leadership, media, technology and culture.
2 min read

Fears of a cyberattack are chief among financial institutions' concerns. And it's no wonder why.

In a troubling report released this week, global cybersecurity firm Kaspersky Lab found that, since 2013, there has been an ongoing infiltration of over 100 banks and financial institutions in 30 different countries. The hacker group behind the attacks is still at large and largely unknown.

Related: What Startups Need to Do to Be Cyber Secure in 2015

The group -- which has been dubbed the "Carbanak cybergang" because of the type of malware they used -- has stolen anywhere from $300 million to roughly three times that. The hackers planted the malware in bank computers via infected e-mails (posing as bank employees) targeting the main admin computer. They then recorded the computers for months as bank employees went about their business.

The hackers took money from banks in Japan, the Netherlands, Russia, Switzerland and the U.S and transferred it to fake accounts in other countries, reports The New York Times. The withdrawals were reportedly limited to $10 million to avoid tripping any precautions the banks had in place. They also used the stolen information to get into the e-banking systems and ATMs -- which ultimately led to the discovery of the large scale attack.

Related: The Next Place Hackers Will Find You? Your Car.

Kaspersky Lab began investigating the attack after an ATM in Kiev, Ukraine, started shooting out extra cash, completely unbidden at different times during the day.

The Russian firm's findings come at a fraught time, especially after the illuminating and frightening fallout from the Sony hack. Last week, President Obama spoke at the  Summit on Cybersecurity and Consumer Protection at Stanford University and signed an executive order urging the private sector to  "share information related to cybersecurity risks and incidents and collaborate to respond in as close to real time as possible." These efforts follow the president's call for a 30-day breach notification law in January. 

Related: Better Safe Than Sorry: How Startups are Staying Protected in Cyberspace

More from Entrepreneur

We created the SYOB course to help you get started on your entrepreneurial journey. You can now sign up for just $99, plus receive a 7-day free trial. Just use promo code SYOB99 to claim your offer.
Jumpstart Your Business. Entrepreneur Insider is your all-access pass to the skills, experts, and network you need to get your business off the ground—or take it to the next level.
From business to marketing, sales, design, finance, and technology, we have the top 3 percent of Experts ready to work for you. Join the future of work and learn more about our Expert solutions!

Latest on Entrepreneur