Eight Indicted in $9M RBS WorldPay Heist
Brian Krebs writes on Security Fix:
Eight men have been indicted on charges that they hacked into credit card processing firm RBS Worldpay, and helped steal more than $9 million in a highly coordinated heist nearly a year ago, the U.S. Justice Department said Tuesday.More here.
The 16-count indictment, which names individuals from Estonia, Moldova and Russia, is the first major break in a case federal investigators are calling "perhaps the most sophisticated and organized computer fraud attack ever conducted."
The men are accused of cracking the data encryption that RBS WorldPay used to protect customer data on payroll debit cards, allowing them to clone the cards. Some companies use payroll cards in lieu of paychecks by depositing employee salaries or hourly wages directly into payroll card accounts, which can then be used as debit cards at ATMs. According to the government, the hacking ring also was able to raise the daily withdrawal limits on compromised accounts.
The Justice Department alleges that 44 counterfeit payroll debit cards were used to withdraw more than $9 million from at least 2,100 ATMs in at least 280 cities worldwide, including cities in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan and Canada. The money was stolen over a period of less than 12 hours, investigators say.
Dozens of accomplices -- also known as "cashers" -- who were hired to pull the money out of ATMs remain at large. The indictment alleges that the cashers were allowed to keep 30 to 50 percent of the stolen funds, but transmitted the bulk of the money back to the men named in the indictment.