Skip to content
Business
Link copied to clipboard

Cyber thefts impressed experts

Authorities said a ring targeted ATMs in 27 countries and netted $45 million. Seven have been arrested in New York.

In this undated photo provided by the United States Attorney’s Office for the Southern District of New York, Elvis Rafael Rodriguez, left, and Emir Yasser Yeje, pose with bundles of cash allegedly stolen using bogus magnetic swipe cards at cash machines throughout New York. Prosecutors in New York on Thursday, May 9, 2013 said that they are members of worldwide gang of criminals who stole $45 million in hours by hacking into a database of prepaid debit cards and draining cash machines around the globe. An indictment unsealed Thursday accused U.S. cell ringleader Alberto Yusi Lajud-Pena and seven other New York suspects of withdrawing $2.8 million in cash from hacked accounts in less than a day. (AP Photos/U.S. Attorney’s Office for the Southern District of New York)
In this undated photo provided by the United States Attorney’s Office for the Southern District of New York, Elvis Rafael Rodriguez, left, and Emir Yasser Yeje, pose with bundles of cash allegedly stolen using bogus magnetic swipe cards at cash machines throughout New York. Prosecutors in New York on Thursday, May 9, 2013 said that they are members of worldwide gang of criminals who stole $45 million in hours by hacking into a database of prepaid debit cards and draining cash machines around the globe. An indictment unsealed Thursday accused U.S. cell ringleader Alberto Yusi Lajud-Pena and seven other New York suspects of withdrawing $2.8 million in cash from hacked accounts in less than a day. (AP Photos/U.S. Attorney’s Office for the Southern District of New York)Read moreAP
    by By Colleen Long and Martha Mendoza, Associated Press, Inquirer
    Published 

NEW YORK - The bloodless bank heist that netted more than $45 million has left even cybercrime experts impressed by the technical sophistication, if not the virtue, of the con artists who pulled off a remarkable internationally organized attack.

"It was pretty ingenious," Pace University computer science professor Darren Hayes said Friday.

On the creative side, a small team of highly skilled hackers penetrated bank systems, erased withdrawal limits on prepaid debit cards, and stole account numbers. On the operational end, criminals used handheld devices to change the information on the magnetic strips of old hotel key cards, used credit cards, and depleted debit cards.

Seven people were arrested in the United States and accused of operating the New York cell of what prosecutors said was a network that carried out thefts at ATMs in 27 countries, from Canada to Russia.

"It's pretty scary if you think about it. They changed the account balances. That's like the holy grail for a thief," said Chris Wysopal, cofounder of security company Veracode.

"There were obviously a lot of great minds behind this exploit, and then there were the pawns, the mules. They are entirely exploitable," said Phyllis Scheck, vice president at the security firm McAfee, who has testified to Congress about how banks and small businesses need to prepare for cyber thieves.

Scheck couldn't help be impressed by the choreography. "They executed while the iron was hot. They got in and got out," she said.

In the end, the victims were not individuals. They were two banks, Rakbank in the United Arab Emirates and the Bank of Muscat in Oman, which had their card processors breached, prosecutors said.

Investigations continue and arrests have been made in other countries, but New York prosecutors did not have details. More arrests in the United States were possible, they said.

In New York, the cell was led by Alberto Lajud Pena, 23, who was found dead in the Dominican Republic with $100,000 in cash, prosecutors said. A man arrested in his death told authorities it was a botched robbery, and two other suspects were on the lam.