Suspected cybercrime mastermind behind US$1.2 billion bank hacks is arrested in Spain

Europol said the hacking group had operated in 40 countries, targeting 100 banks, and could make ATMs spit out money at will

PUBLISHED : Tuesday, 27 March, 2018, 2:01am
UPDATED : Tuesday, 27 March, 2018, 2:44am

Spanish police have arrested the suspected leader of a gang of cyber criminals who stole up to €1 billion (US$1.2 billion) from banks by altering account balances and instructing automatic teller machines to issue cash at will, Europol said on Monday.

The person suspected of being behind malware attacks known as “Carbanak” and “Cobalt” was arrested in Alicante, a port city on the southeast coast of Spain, after cooperation between police forces in the United States, Asia and Europe, Europol said.

The Interior Ministry said “Denis K”, who had directed the criminal organisation from Spain since 2013, was arrested with three members of his organisation, who originally came from Russia and Ukraine, it said. The Ukrainian police did not provide further details.

Europol said the group had operated since 2013, with members in 40 countries carrying out attacks on 100 financial institutions.

They targeted bank employees with emails infecting their computers and then using them as a base to gain control of bank networks and servers.

“With that level of access, the nefarious individuals authorise fraudulent bank transfers, raise the balances of mule accounts or command affected ATMs to spit out the money for them,” Europol said.

Facebook users find Android apps collecting call and text data

Europol, said the US Federal Bureau of Investigation, Romanian, Belarusian and Taiwanese authorities, and private cybersecurity companies were assisting in the case.

The Interior Ministry said that during the raid in Alicante police seized jewels worth €500,000 and two luxury cars. It also blocked bank accounts and two homes valued at about €1 million.

The organisation needed the support of other criminal groups to coordinate the work of the “mules” they used to extract money from cash points that they attacked, it said. Until 2015 they used the Russian mafia for this, and after 2016 the Moldovan mafia.

Their earnings were converted into bitcoin at exchange houses in Russia and Ukraine. These were later transferred to their accounts and they accumulated about 15,000 bitcoin, Interior Ministry said.

Governments, business must work together to fix cybersecurity

“Denis K” used financial platforms in Gibraltar and the United Kingdom to load prepaid cards with bitcoin and spend them in Spain on cars, homes, and other goods.

He also set up an “enormous network” to mine bitcoin which he used as a means of laundering money.