Anatomy of a global banking cyber theft

The Associated Press | World | Fri, may 10 2013, 3: 40 PM

Prosecutors say global hackers stole $ 45 million (€ 34.24 million) in cash from 27 countries with the help of thousands of ATMs in two separate attacks. In one, on 22 december, hackers picked up $ 5 million from 20 countries. On 19 February they made off with $ 40 million in 24 countries worldwide. Seven people were indicted in New York.

Here's how she did it:

___

Phase 1: Card processor network intrusion. Using malware, hackers breached the Rakbank processors for worldwide in the United Arab Emirates and the Bank of Muscat in Oman.

Phase 2: The hunt for the criminals overwrite security protocols and prepaid debit card systems and removing restrictions on the accounts. It takes months to penetrate the systems, said prosecutors.

Phase 3: access codes were created. Data is loaded on a plastic card with a magnetic stripe — an old hotel key card or an expired credit card would do, as long as it carried the account information, and the appropriate access codes.

Phase 4: Cells around the world fan out and start making repeated ATM withdrawals. In New York City alone, were 750 transactions are created in two hours and 25 minutes from 140 different ATMs total $ 400,000, prosecutors said.

Phase 5: Hackers maintain prevent unauthorized access to the banks to check the cashout keep rolling until the violation is discovered recordings and the systems can shut down.

Phase 6: cash is laundered and organizers are paid.

___

Source: U.s. Attorney's Office, Eastern District, Brooklyn