After a four year investigation, Europol announced it has arrested the suspected leader of a crime syndicate that stole $1.2 billion from over 100 banks in more than 40 countries using malware. According to Europol, the suspect was arrested by the Spanish National Police in Alicante, Spain, with support from the FBI, Romanian, Belarusian, and Taiwanese authorities, along with cybersecurity companies.
Beginning in 2013, the crime syndicate used multiple malware campaigns — the first called Anunak, followed by more complex versions known as Carbanak and Cobalt — to access bank employees’ computers using phishing scams, and then take over bank systems and access the servers that controlled ATMs.
The group used that access to remotely dispense money from ATMs for their associates to grab, inflate account balances, then take the money out at ATMs, and transfer money from the infected banks into accounts they controlled. Europol says the group would then use prepaid cards linked to cryptocurrency wallets to launder the money and buy luxury cars and houses.
At the height of their powers, Europol says the group was able to steal 10 million euros per heist. “The arrest of the key figure in this crime group illustrates that cybercriminals can no longer hide behind perceived international anonymity,” Steven Wilson, head of Europol’s European Cybercrime Centre said.
Europol did not name the suspect in its press release.