1.4 Billion Yen Stolen from Japanese ATMs in less than 3 Hours

japan-atmfraudOver 1.4 billion Yen was reportedly stolen in a span of two and a half hours across automated teller machines (ATMs) found in over 1,400 convenience stores in Japan this month.  According to the local police, the simultaneous theft occurred on March 15 where money was illegally withdrawn from ATMS located in Tokyo and 16 other locations including Kanagawa, Aichi, Osaka, and Fukuoka.

Law enforcement officials believe that the extraction was conducted by a group of more than 100 criminals between 5am to 8am using fraudulent credit cards containing information leaked by a bank in South Africa. It was reported that there were more than 14,000 transactions made. With each transaction extracting 100,000 Yen (or $900 USD)—the maximum credit card withdrawal limit  used in the said machines—the operation successfully amassed an amount equivalent to US$13 million.

Authorities are currently looking into how the theft was stealthily coordinated and carried out. It is believed that the group behind the operation strategically withdrew money outside the nation where the 1,600 credit cards containing leaked data (by way of hacking or other method) originated from. Authorities are currently devising ways to identify and analyze images recorded from security cameras. Also, investigations on the cybersecurity front will be conducted with the help of South African law enforcement agencies via the Interpol to determine how data was mined from the South African bank.

[Read: The Ins and Outs of Data Breaches]

This recent heist is reminiscent of a series of illegal withdrawals using fake bank cards from ATMs in over 26 countries including Tokyo, from 2012 to 2013, stealing an amount reaching to about 4.5 billion Yen. In the past two years, cybersecurity experts have seen a 15% increase in ATM-related fraud attacks from 2014 to 2015—with malware usage for ATM fraud believed to be a growing trend that is here to stay.

Financial Sector in Peril

This year, financial institutions have been taking a beating from cybercriminals with a string of banks falling prey to online crooks with varying techniques used to steal money and valuable data.

By the end of last week, a lawsuit divulging details of a breach that led to the theft of over $12 million USD surfaced. This was done by hackers illegally gaining access to codes used by Ecuadorian bank Banco del Austro, and used them to move money via the global interbank network SWIFT. At the tail end of April, another banking institution, Qatar National Bank, acknowledged a breach orchestrated by a Turkish hacking group resulting into a massive 1.5-gigabyte data dump consisting of customer information from bank credentials, telephone numbers, payment card details, and dates of birth. While bank officials disclosed that no financial impact on its customers came out of the incident, cybercriminals were able to send their message across that even the biggest institutions could easily be compromised.

On March, cybercrime group Buhtrap was identified to be behind the spear-phishing campaign that led to the loss of almost 2 billion rubles (or US$26 million), conducted in 13 successful attacks on various Russian banks. On February 2016, the biggest, “most ambitious thefts committed via cybercrime” was carried out by an unknown group that almost extracted more than a billion US dollars from the Bangladesh Central Bank. While the completion of the master plan using stolen codes via SWIFT has been thwarted, the cybercriminals still managed to move over US$80 million to a Philippines-based account in just hours.

These incidents show an increase in attention given by cybercriminals to the financial sector, continuing to devise number of ways to turn reputable institutions to victims. Martin Roesler, Trend Micro threat research director, wrote in a blog entry, deducing lessons on cybersecurity from the massive bank heist, “Security should not be a simple item on a checklist. It should be a process, an attitude, and a mindset,” he adds, “The incident involving the Bangladesh Central Bank adds to the growing list of proof points that support this statement, especially now that cyber-attacks are getting bigger and definitely more ‘real’ in terms of impact.”

Update: May 31, 2016

The Aichi police in Japan have arrested two men, Tatsuo Nakazono and Katsuya Sahashi, both from the Aichi Prefecture, in connection with the theft.

Nakazono and Sahashi divulged that they stole the money at the behest of an acquaintance in return for tens of thousands of yen, adding that they have already passed 1.2 million Yen to the contact. They withdrew money from ATMS located in two convenience stores using fake credit cards for a total of 12 times, with the cards bearing the names of men from Zimbabwe and South Africa. Police suspect that both men also withdrew another 2.6 million yen from ATMS in five 7/11 convenience stores around the prefecture. The men were identified by police through security camera footage.

South Africa’s Standard Bank confirmed that the bank was the victim of the heist, and that it will be shouldering the losses. The Japanese police suspect the possible involvement of more than 100 members of an international crime syndicate, and are currently working with South African authorities through the Interpol.

HIDE

Like it? Add this infographic to your site:
1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.