It turned out that hackers stealed over 35 billion yen by installing malware in banks

ByOTA Photos

It was revealed that the vast amount of money was illegally drawn out mainly by Russia, ATM of the bank became the attack target of cyber criminals, and malware was set up. According to the Kaspersky Laboratory which conducted the survey, the target is more than 100 financial institutions in more than 30 countries including Japan, Switzerland, the United States and the Netherlands in addition to Russia.

Kaspersky Lab | Antivirus Protection & Internet Security Software
http://www.kaspersky.com/


Bank Hackers Steal Millions via Malware - NYTimes.com
http://www.nytimes.com/2015/02/15/world/bank-hackers-steal-millions-via-malware.html


This is what the New York Times reported on the contents of the report scheduled to be released on February 16 by Kaspersky Lab. According to the report, evidence has been found about the damage of 300 million dollars (about 35.6 billion yen) at the present time, and it is estimated that the total amount will be tripled if including those not found out.

The malware used for the cyber attack reaches the bank clerk as a message from a colleague, and when the banker tries to read the mail, it causes the PC to download malignant code. Here, hackers intruded into the network of the bank, looking for a person in charge of remittance system and ATM processing, installed a remote monitoring tool that can shoot screenshots and movies on the personnel PC. I will grasp what the remittance procedure is like. In the meantime, hackers prepare fake accounts of banks in the United States and China that will be the remittance destination, and eventually they are doing "illegal remittance" by taking exactly the same procedure as normal remittance processing .

As a concrete example, a hacker first selects an appropriate account. For example, if there is a deposit of 100,000 yen, temporarily increase the deposit amount to 1 million yen, and immediately transfer 900,000 yen to the accounts prepared by them. When processing is over, the original 100,000 yen remains in the account, so the real account holder does not notice what was done.

In addition, as an example, there was a situation that money suddenly appeared even though no one was manipulating ATM. Of course, this is a method that hackers operate to make a withdrawal with a specific ATM from their target account at a specific time, accidentally collecting money by accidentally meeting this situation.

According to the Kaspersky Laboratory, it seems that hackers have succeeded in this illegal remittance with an incredible success rate because it is about every 10 hours in many banks to check whether the account is normal or not. Even in the known range, there are cases where 7.3 million dollars (about 866 million yen) was stolen through ATM and cases where 10 million dollars (about 1.186 million yen) were stolen via the accounting system It is said that there is.

Chris Doget, Managing Director of the Kaspersky Laboratory North America office, said this series of crime "Oceans 11It is more clever than "it is expressed.

Please note that Google and Facebook have a system that gives you incentives when you report these security holes, and you can find the "found" on Facebook on February 2015It was possible to delete others' photos without permissionAbout 1,500,000 yen of reward is paid for the case that it is called "