Kaspersky Lab said the total amount stolen could be as high as $1bn, which it described as “an unprecedented cyber robbery” and “a new stage in the evolution of cyber criminal activity”.
The security company has worked with Interpol, Europol and other law enforcement authorities.
It said that a “multinational gang” of criminals – from Russia, Ukraine, China and parts of Europe – were behind the ongoing attacks.
Up to 100 banks and financial institutions were targeted, in around 30 countries, although the majority were in Russia.
Each robbery took between two and four months, and up to $10m was stolen in each.
The criminals first gained access to a bank by infecting an employee’s computer through a spear phishing email – a targeted message which resembles a trustworthy source – that infects the machine with what Kaspersky have called “Carbanak” malware.
This allows remote surveillance of a network, and the criminals then bide their time and observe the screens of bank staff who handle cash transfers.
When they understand enough about the system they would transfer money from the bank to their own accounts.
No customers lost money as a result of the attack.
The criminals also programmed cash machines to dispense money at a pre-determined time, with a criminal waiting to collect the cash.
Sergey Golovanov, principal security researcher at Kaspersky Lab’s Global Research and Analysis Team, said: “The attackers didn’t even need to hack into the banks’ services: once they got into the network, they learned how to hide their malicious plot behind legitimate actions.
“It was a very slick and professional cyber robbery.”
Sanjay Virmani, director of the Interpol Digital Crime Centre, added: “These attacks again underline the fact that criminals will exploit any vulnerability in any system.
“It also highlights the fact that no sector can consider itself immune to attack and must constantly address their security procedures.”
source: Sky News
Image source: New York Times