Details about a sophisticated hack on an ATM network are just trickling in. Hackers associated with a Russian cybercrime ring attacked a series of banks in the US, UK, and Russia, according to Moscow-based cybersecurity company Group-IB.
A hacker group stole millions of dollars since May 2016 through international heists, including $8 million from 16 United States banks, according to a report released Monday by security firm Group IB. Group IB nicknamed the hackers “Money Taker” after the name of the malware used in certain attacks.
In addition to banks, victims include international law firms and financial software vendors. Money Taker is likely a criminal enterprise unaffiliated with any government, although they’ve proved to be highly-skilled, resourceful and well-equipped — similar to advanced persistent threat (APT) groups supported by a foreign government, said Group-IB’s Director Nik Palmer.
“The attacks were certainly conducted by a skillful targeted attack group,” explained Palmer. “The group is skillful enough to modify the tools that they used during the attack. In some cases, they created or modified tools during their operations which signifies a good level of technical capabilities.”
According to Group-IB, Money Taker is an entirely new hacking group. Analysts with the Russian company’s threat intelligence unit say they are confident the group was unidentified until Sunday, when the company published its initial research.