Police in a number of countries have arrested five members of a cyber crime gang who stole an estimated €3 million using cash machine malware, Europol announced on Friday.
The law enforcement agency said the group carried out a string of “highly-sophisticated” attacks, using malicious software that forced ATMs to dispense all the cash they contained.
Members of the group used spear-phishing emails containing compromised attachments to access banking systems, taking control of cash machines and then deleting all evidence of criminal activity.
Once the malware triggered infected machines to start dispensing cash, members of the gang moved in to grab the money.
Europol did not name all of the individuals taken into custody, but said it had been investigating the group since the beginning of last year with the support of a number of police forces across the globe.
The group is said to have recruited members from multiple countries, allowing it to commit offences all over the world. Europol said its European Cybercrime Centre (EC3) and the Europol Liaison Office at Interpol IGCI assisted the investigation.
Head of Europol’s European Cybercrime Centre Steven Wilson commented: “The majority of cybercrimes have an international dimension, taking into account the origins of suspects and places where crimes are committed.
“Only through a coordinated approach at the global level between law enforcement agencies can we successfully track down the criminal networks behind such large-scale frauds and bring them to justice.”
Three members of the gang were apprehended in Taiwan last July by the Taiwanese Criminal Investigation Bureau. Latvian Andrejs Peregudovs, Niklae Penkov from Moldova, and Romanian Mihail Colibaba were each jailed for five years last Wednesday after targeting First Commercial Bank’s cash machines. They were each fined Tw$600,000 (€17,780) and will be deported once they have served their sentences.
Prosecutors had been seeking 12-year terms for the men, arguing that the attack “seriously disrupted financial order and caused public panic” after the bank was forced to close down its ATM network as soon as it became aware it had been targeted.
It is believed another 19 suspects were able to flee Taiwan after their accomplices were caught. Of the two unnamed arrested suspects who are yet to be prosecuted, one was held by the Romanian National Police, while the other was detained by the Belarusian Central Office of the Investigative Committee.
Europol said some of the money the gang stole has been recovered.
According to security experts, the gang took advantage of flaws in the software used to control cash machines in some parts of the world. Some ATM software is based on Windows XP, which is no longer updated by Microsoft and is riddled with security weaknesses.