One night Raiffeisen Bank lost control of all ATM’s in Romania. The hackers took control of all the ATM’s across the country which seems almost impossible. It was the biggest loot of cash money in the history of Romania, and the authorities did not blow a word.
On that night Cyber criminals stole 3.8 million slopes from 32 ATMs in the year 2016. All the ATMs belong to Romania Bank Raiffeisen. The hackers used an infected RTF document file to exploit Microsoft Word vulnerabilities. Through which hackers installed cobalt malware in the system and gained control of the bank’s network.
How hackers commence the cyber-attack:
The ATM looting operation took place between 9 August 2016 and 4 September 2016 by the hackers. The hackers launched a spear-phishing attack against Raiffeisen Romania between August 9, 2016, and September 4, 2016, by sending emails having malicious RTF document. Rich Text Format (RTF) is a file format that lets you exchange text files between different word processors.
“Spear phishing is an email-spoofing attack that targets a specific organization or individual, seeking unauthorized access to confidential data”.
The bait document that appeared as sent on behalf of the European Central Bank contained the code to trigger the vulnerability in the target systems. In this way, the attackers took control over the whole network of the bank and were able to control the ATMs.
Hackers simultaneously withdraw money from different parts of the country on the night of 3rd and 4th September.
This biggest loot of cash money took place due to negligent supervision and unaware employees.
The brain behind the cyber-attack:
The hackers are of the extremely coordinated organization and were dressed in hooded sunglasses and waiting for orders. They are waiting in front of Raiffeisen Iasi, Bucharest, Suceava, timeshare, Constanta, Plitvice, Saxon and Crevedia vending machines with handbags.
One of the members of the cyber hacking crime was arrested in Iasi named Dmitry Kavisov. He was the leader of this criminal organization that was operated in Romania. The authorities from Russia recovered 80,000 euros from his 3.8 million euros.
- The attacker remotely controlled the ATM and instructed all 32 ATMs to allocate all available funds. After that their members moved to the ATMs and collected the money.
- This single night robbery exceeds any robbery ever committed in the history of Romania, about 860 thousand euros.
- Bank lost the trust of their customers and intellectual properties as well.
What bank could have done?
The bank might secure their data from these types of phishing attacks by waking their employees. Many hacks took place because of lack of awareness among the employees about phishing attacks.
The organizations can hire ethical hackers to explore the vulnerabilities in their computer system and will suggest the solutions to undo any security loopholes in networks.
The only reasonable way to stop phishing is by training your employees on the proper cyber-attack protocols. Kratikal Academy provides ethical hacking training for the employees working in different organizations to secure their system from hacking. We also provide cyber-security services to different organizations so that they can secure their confidential data.