A hacking ring has stolen up to $1 billion from banks around the world in what would be one of the biggest banking breaches known, the Russian security company Kaspersky Lab says in a report scheduled to be delivered Monday.
Most of the targets have been in Russia, the U.S., Germany, China and Ukraine, although the attackers may be expanding throughout Asia, the Middle East, Africa and Europe, Kaspersky says. Kaspersky didn’t identify the banks and is still working with law enforcement agencies to investigate the attacks, which the company says are ongoing.
The hackers have been active since at least the end of 2013 and have infiltrated more than 100 banks in 30 countries, gaining access through phishing schemes and other methods, the company said. They lurk for months to learn the banks’ systems, taking screen shots and even video of employees using their computers, it said.
Once the hackers become familiar with the banks’ operations, they use that knowledge to steal money without raising suspicions, programming ATMs to dispense money at specific times or setting up fake accounts and transferring money into them, according to Kaspersky.
The goal seems to be financial gain, not espionage, said Vicente Diaz, Kaspersky’s principal security researcher.
“In this case, they are not interested in information. They’re only interested in the money,” he said. “They’re flexible and quite aggressive and use any tool they find useful for doing whatever they want to do.”
The report, which is set to be presented Monday at a security conference in Cancun, Mexico, was first reported by The New York Times.