Global cyber, ATM heist nets thieves $45 million from 26 counties


blackrican23

Recommended Posts

cyber10n-2-copy.jpg

 

Acting with a stunning degree of cyber-skill and tremendously precise coordination, a network of thieves stole $45 million from ATM machines in 26 countries in two global ripoffs, federal authorities said Thursday.

The breathtaking computer-based capers included $2.8 million in funds stolen with ease from cash machines in New York City, marking the biggest cash theft in the city since the infamous $5 million Lufthansa heist at Kennedy Airport in 1978.

The money came from information stolen from databases of prepaid debit cards that was then copied onto doctored plastic cards with magnetic strips. The international thefts were pulled off this past Dec. 22, when $5 million was taken, and again on Feb. 19-20, which proved to be the true jackpot, netting $40 million in 36,000 transactions within 10 hours.

large-money-trail-map-cyber10n.jpg

 

The expertise of the operation, and the rapidity through which so-called “cash crews†drained money from ATMs, revealed the increasingly difficult task banks and investigative authorities face in protecting assets in the digital age.

“Instead of using masks and guns, this cyber-crime organization used laptops and malware,†Brooklyn U.S. Attorney Loretta Lynch said in announcing the arrest of eight foot soldiers who helped carry out the plans in New York. The leader of the network’s New York cell was also charged, though he was murdered last month in the Dominican Republic.

The ATM withdrawals took place across the globe as cash-grabbing crooks fanned out with the fake cards and acted according to a detailed, supervised plan. Lynch called the network “a virtual criminal flash mob.â€

 

cyber10n-4-copy.jpg

 

The hackers obtained debit card data, eliminated withdrawal limits on the accounts, created access codes and then sent a network of operatives fanning out to withdraw money in multiple cities in North and South America, Europe, Africa and Asia, authorities said.

In cyber-crime circles, the jobs the network pulled off are called an “unlimited operation.†The name is simple enough: With top-notch hacking that compromises financial networks, masterminds can access nearly unlimited amounts of money if they can recruit effective underlings.

cyber10n-5-copy.jpg

 

In this case, the big fish are still at large.

The process started when hackers used complicated computer tricks to breach the networks of two credit card processors that handle transactions for prepaid debit cards, according to authorities.

These cards are generally used by employers to pay employees or by charitable groups to distribute disaster assistance, authorities said. The accounts accessed by the cards are loaded with a specified amount of cash — but the hackers tweaked the virtual security protocols to drastically hike the limits or to do away with them entirely.

cyber10n-15-copy.jpg

 

From there, the hackers sent the stolen information and PINs to the foot soldiers. The cashers took the information and encoded it onto useless plastic cards — anything with a magnetic stripe, like an old bank card or a gift card sold by a retailer. Next came the flash-mob part of the process, as the “cashers†descended on ATMs according to an intricate plan and used the wired cards to withdraw as much money as they could carry.

 

All the while, according to authorities, the hackers and brains behind the operation were monitoring each henchman’s take through computer networks. Cash crews in the two heists cleaned out ATMs in countries including Russia, Japan, Egypt, Romania, Britain, Sri Lanka, Canada and Colombia — 26 nations in all.

 

cyber10n-16-copy.jpg

 

The cash men then took their cut, laundered the proceeds, and sent the ill-gotten gains to the bosses. Crooks in this type of operation often laundered the hot money by buying luxury goods.

The first cyber-attack targeted pre-paid MasterCard debit cards issued by the National Bank of Ras Al-Khaimah in the United Arab Emirates. The second invasion penetrated computers of Bank of Muscat in Oman.

Authorities said the network’s New York cell was based in Yonkers and coordinated withdrawals of $2.8 million from hundreds of bank machines in Manhattan, Brooklyn and Queens.

cyber-12.jpg

 

Some of them got sloppy once their wallets got heavy. Investigators seized cell phone photos of the thieves posing with piles of dough.

“They seemed star-struck themselves by the amount of money they had looted," lynch reported

 

The reputed ringleader of the New York crew, Alberto Yusi Lajud-Pena, who was known in the underworld as “Prime†and “Albertico,†was murdered in the Dominican Republic on April 27. Lajud-Pena had more than $100,000 in his possession when he was killed, officials said.

Named in the indictments unsealed in Brooklyn Federal Court Thursday were Jael Mejia Collado, 23; Joan Luis Minier Lara, 22; Evan Pena, 35; Jose Familia Reyes, 24; Elvis Rodriguez, 24; Emir Yeje, 24; and Chung Yu-Holguin, 22. All reside in Yonkers.

Collado and Yu-Holguin are employed as bus drivers for private companies contracted by New York City schools, prosecutors said. They were arrested Wednesday night and ordered held without bail.

 

In New York City, the Yonkers crew grabbed nearly $400,000 in 700 transactions during the December attack, according to court papers. The February strike reaped $2.4 million from 3,000 bank withdrawals made during a wild 10-hour spree.

Lynch said no personal bank accounts were compromised.

After kicking up the required share to the hackers, the crew purchased Rolex watches, a Porsche sedan and a Mercedes Benz SUV.

 

cyber10n-7-copy.jpg

 

ATM surveillance camera photos taken between 4:31 p.m. and 10 p.m. on Feb. 19 showed Reyes at multiple bank windows as he cut a swath along Broadway in Manhattan. The footage depicted his backpack getting fuller with each stop — like a scene from a crook’s dream.

Officials refused to discuss the ongoing investigation of the computer hackers, but acknowledged they are not based in the U.S.

cyber-30.jpg

 

These cyber attacks were marked by the “surgical precision†of the hackers, the global breadth and the speed in which the thefts were executed, Assistant Brooklyn U.S. Attorneys Cristina Posa, Kevin Trowell and Hilary Jager stated in court papers.

Because the withdrawal limits on the fraudulently encoded cards have been lifted, the cyber attack is known as an "unlimited operation" because an unlimited amount of cash can be taken from the ATM machines.

In the theft connected to the Bank of Muscat, more than $2 million in stolen cash remains unaccounted for, prosecutors said.

Besides laundering the funds by purchasing luxury items, a haul of 7,491 $20 bills was deposited in a Miami bank account.

Investigators have amassed “overwhelming†evidence against the defendants by comparing surveillance camera images from the ATM machines to the suspects’ driver’s license photos and Facebook pages, prosecutors said.

Each of the seven living indicted suspects faces a maximum of 10 years in prison on each of the money laundering counts and 71/2 years for conspiracy raps.

Tim Ryan, a former FBI supervisory special agent who led the largest cyber-crime squad in the U.S., said the hackers couldn’t be more different but are united in criminal intent.

“They have two different skill sets and are two different groups of people who would never hang out in a bar together, but when it comes to robbing a bank, there’s a trust between them,†said Ryan, a managing director with Kroll Advisory Solutions

 

 

Read more: http://www.nydailynews.com/new-york/cyber-thieves-busted-45-million-heist-article-1.1339051#ixzz2StgNqeBN

 


 

Link to comment
Share on other sites

The perfect crime, nobody is physically harmed, no home is burgled, no car is stolen, no assault or sexual harassment or rape and the and the banks will have to cover the money lost, So no-one other than men in grey suits are affected....yet they will ever see the light of day again if they get found guilty!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.