Kaspersky Lab today revealed that cybercrime organizations are increasingly stealing funds from banks by employing many of same Advanced Persistent Threat tools and tactics that previously were only attributable to nation-states.
The cybercriminal group Metel has found a way to compromise banking systems in order to surreptitiously “roll back” ATM transactions, as if they never happened. This way, a debit card's balance always appears to stays the same, despite multiple withdrawals.
Another criminal operation, GCMAN, has discovered a way to infiltrate banking systems using only legitimate tools such as Putty, VNC and Meterpreter utilities, in order to transfer money to e-currency services without detection.
The APT known as Carbanak has returned as Carbanak 2.0, targeting not only banks, but also the budgeting and accounting departments of various organizations.