The bank heist movies of the future will probably feature more keyboards than guns. Just look at this Russian and Ukrainian hacker group that is having no problem cleaning out banks. The cybercriminals have already stolen from bank accounts, but now they're getting even more brazen and taking money straight from bank ATMs.
The attacked banks weren't in the U.S., but the tactics used by the hackers would likely work here, too. The Anunak Group hacks its way into bank systems using phishing emails full of malware, and by buying already-infected computers from other hackers. They disguised the emails to look like they came from Russian banking officials. Once inside a bank's network, the group tried to infect more banks and used other malware to access the bank's ATM system.
The hackers used that malware — along with a modified legitimate program for managing ATM cash trays — to change the denomination settings for bank notes in 52 different ATMs.
Then, when their partners tried to withdraw 100 rubles from affected ATMs, the machines actually spit out 5,000 rubles. The heists have resulted in a payday worth around $15 million. This likely isn't their first high-profile string of hacks, either.
The group behind the recent string of ATM hacks is believed to be the same one that used its own Carberp Trojan virus to attack Russian banks and steal $2 million a few years ago.
But, some of this group's attacks have hit much closer to home for us. That's because they may not just target banks in Russia. The hackers are also suspected of hitting major retail stores, including some in the U.S.
In any case, Group-IB and Fox-IT note that the Anunak gang has hit a total of 16 retailers so far.