CONFERENCE On Demand: Cyber AI & Automation Summit - Watch Now
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Five Arrested in $45 Million Cyber Heist

NEW YORK CITY – Five people were arrested Monday following a global “cyber heist” in which hackers stole $45 million by overriding the cash withdrawal limits of prepaid debit cards, US officials said.

NEW YORK CITY – Five people were arrested Monday following a global “cyber heist” in which hackers stole $45 million by overriding the cash withdrawal limits of prepaid debit cards, US officials said.

According to the US Justice Department, those arrested were said to be members of the New York cell of an “international cybercrime organization, which used sophisticated intrusion techniques to hack into the systems of financial institutions, steal prepaid debit card data, and make fraudulent ATM withdrawals on a global scale.”

Officials said the cyber-ring managed to steal $45 million in late 2012 and early 2013 by manipulating the limits of prepaid debit cards from Abu Dhabi-based National Bank of Ras Al-Khaimah and Bank Muscat of Oman.

Cybercriminals ArrestedThe five arrested individuals face charges unsealed in an indictment. Eight others were charged in May.

This type of heist is known in criminal circle as an “unlimited operation.”

Two were allegedly carried out: first on December 22 last year and again on February 19 and 20 this year.

In the first heist, more than 4,500 ATM transactions were conducted in some 20 countries around the world, resulting in $5 million in losses. In the second in February 2013, cybercells in 24 countries withdrew about $40 million from ATMs, according to officials.

In the initial stage, taking several months, sophisticated hackers allegedly infiltrated credit card processors’ computer networks, looking into databases of prepaid debit cards, a tool used often by employers and aid organizations.

Breaking into the system, the hackers eliminated withdrawal limits imposed by banks.

Advertisement. Scroll to continue reading.

Next, the cybergang distributed the debit card numbers to its street associates who loaded more magnetic stripe cards, like gift cards, with the stolen data.

Those arrested on Monday were identified as Anthony Diaz, Saul Franjul, Saul Genao, Jaindhi Polanco and Jose Angeley Valerio.

“As alleged, just a few months ago, after exploiting cyber-weaknesses in the financial system to steal millions from ATMs, these defendants were packing bags to the brim with stolen cash, destined for the cybercriminal organizers of these attacks,” said US Attorney Loretta Lynch.

“Today, we have sent them packing once again — but this time, to jail. We will not relent until all those responsible for these financially devastating cybercrimes are brought to justice.”

Authorities said newly seized photographic evidence revealed that the defendants sent $800,000 of cash proceeds in luggage by bus for delivery to a cyberheist organizer.

A sixth defendant, Franklyn Ferreira, is a fugitive from justice.

Of those charged earlier this year, four have pleaded guilty to charges in the case.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.

Register

As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...