The U.S. Department of Justice stated that they’ve detained 18 International Cybercriminals who allegedly committed various financial frauds and stole tens of millions of dollars from financial institutions and individuals. The hackers were involved in ATM skimming and money laundering operations and have stolen more than US$ 20 million across the U.S., including 17 different states.
According to Geoffrey S. Berman, the U.S. Attorney from New York, the hackers were indicted for committing a variety of crimes, including bank fraud, device fraud, wire fraud, and identity theft. The 18 defendants imported skimming devices from different countries and deployed in ATMs to record debit card details and personal identification numbers whenever the victims use an ATM. The stolen information was then used to fraudulently withdraw cash from victims’ bank accounts.
“The Skimming Organization unlawfully obtained victim accountholders debit card account information by using advanced technological devices to surreptitiously record the debit card numbers and personal identification numbers at automated teller machines (ATMs), and then manufacturing counterfeit and fraudulent debit cards that bore the victim accountholders’ account information. The Skimming Organization’s members then used those cards to fraudulently withdraw cash from victims’ bank accounts,” the Department of Justice stated in its report.
“If they are found guilty then each defendant will be charged with one count of conspiracy to commit access device fraud, which carries a maximum sentence of 7.5 years in prison; one count of conspiracy to commit wire and bank fraud, which carries a maximum sentence of 30 years in prison; and one count of aggravated identity theft, which carries a mandatory sentence of two years in prison, consecutive to any other sentence imposed,” the report added.
Recently, security experts discovered a malware that’s intended to exploit ATMs of Indian Banks and steal customers’ sensitive information. The malware, dubbed ATMDtrack, allows the attackers to read and store customers’ card data when they are inserted into the infected ATMs.
According to Konstantin Zykov, a researcher at Kaspersky Labs, the attacker who created the ATMDtrack has been traced to the cyber-hacking outfit Lazarus Group controlled by North Korea’s primary intelligence bureau. The scandalous Lazarus Group is a prime suspect in a series of cyber-muggings, including the cyber- attack on Sony Pictures Entertainment in 2014, and the WannaCry ransomware attack in 2017.