LISTEN LIVE KPR - On Air: Listen Live to classical, jazz and NPR news Schedule LATEST
KPR 2 - On Air: Listen live to KPR's all talk-radio service, KPR2 Recordings

Share this page              

Report: Using Malware, Hackers Steal Millions From Banks

Putting in place a sophisticated digital racket, hackers were able to steal millions of dollars from up to 100 banks in what the Russian cybersecurity company Kaspersky Lab is calling "the most successful criminal cyber campaign we have ever seen."

Kaspersky, which helped uncover a piece of malicious software in the systems of bank computers, says the scheme worked like this: First the hackers were able to install malicious software on computers by phishing bank employees. That led to the infection of hundreds of machines.

The hackers kept watch until they found the computer of an administrator. That's when they recorded the screen and keystrokes to learn the system. Eventually, they mimicked the staff and transferred large sums of money from banks in Russia, Switzerland, Japan, the United States and the Netherlands to dummy accounts in other countries.

In other cases, they simply instructed ATM machines to dispense money at certain times, where a conspirator would collect it. Perhaps in a sign of the hackers' sophistication, each bank robbery took two to four months from the infection of the computer to cashing the money out.

Kaspersky was first alerted to the scheme by a piece of code hiding in an infected ATM machine. They investigated for months and eventually pieced together what was going on.

Kaspersky said it cooperated with police and learned that up to 100 institutions were targeted.

"In at least half of the cases the criminals were able to extract money from the infected institution. Losses per bank range from $2.5 million to approximately $10 million," Kaspersky said in a statement.

The New York Times, which reported on the heists over the weekend, says that projection is impossible to verify and the White House and FBI said they had been briefed and are still working to confirm and then "assess the losses."

The Times adds:

"No bank has come forward acknowledging the theft, a common problem that President Obama alluded to on Friday when he attended the first White House summit meeting on cybersecurity and consumer protection at Stanford University. He urged passage of a law that would require public disclosure of any breach that compromised personal or financial information.

"But the industry consortium that alerts banks to malicious activity, the Financial Services Information Sharing and Analysis Center, said in a statement that 'our members are aware of this activity. We have disseminated intelligence on this attack to the members,' and that 'some briefings were also provided by law enforcement entities.'"

Copyright 2015 NPR. To see more, visit

Tower Frequencies

91.5 FM KANU Lawrence, Topeka, Kansas City
96.1 FM K241AR Lawrence (KPR2)
89.7 FM KANH Emporia
99.5 FM K258BT Manhattan
97.9 FM K250AY Manhattan (KPR2)
91.3 FM  KANV Junction City, Olsburg
89.9 FM K210CR Atchison
90.3 FM KANQ Chanute

See the Coverage Map for more details

Contact Us

Kansas Public Radio
1120 West 11th Street
Lawrence, KS 66044
Download Map
785-864-4530 (Main Line)
888-577-5268 (Toll Free)