X Close

Archives

U.S. charges eight in $45 million cyber crime scheme

MYT 11:55:01 PM

NEW YORK (Reuters) - Individuals employed around the world by a sophisticated cyber crime ring stole $45 million (29.1 million pounds) from thousands of bank automated teller machines within a matter of hours, using hacked debit-card data, U.S. prosecutors said on Thursday.

Images taken from the phone of a suspect, who was one of the eight individuals charged with using data obtained by hacking into two credit card processors in a cybercrime scheme, are presented at a news conference in New York, May 9, 2013. REUTERS/Lucas Jackson
Images taken from the phone of a suspect, who was one of the eight individuals charged with using data obtained by hacking into two credit card processors in a cybercrime scheme, are presented at a news conference in New York, May 9, 2013. REUTERS/Lucas Jackson

Members of the global criminal organization hacked into two credit card processors and used stolen data to make more than 40,500 withdrawals in 27 countries, during two separate coordinated incidents in December 2012 and February 2013, the Justice Department said.

The government charged eight individuals in New York with participating in the larger scheme by withdrawing $2.8 million in thousands of ATM transactions, in what U.S. Attorney Loretta Lynch said was the second-biggest bank robbery in the history of New York City.

Lynch said it was likely that the headquarters of the global scheme was located outside the United States and that the current charges focused only on the New York-based cell. Investigators were examining whether other cells were operating elsewhere in the United States, she said.

"In the place of guns and masks, this cyber crime organization used laptops and the Internet. Moving as swiftly as data over the Internet, the organization worked its way from the computer systems of international corporations to the streets of New York City, with the defendants fanning out across Manhattan to steal millions of dollars from hundreds of ATMs in a matter of hours," said Lynch, whose office in Brooklyn, New York, brought the case.

The case demonstrates the major threat that cyber crime poses to banks around the world. Security experts frequently identify electronic fraud as one of the key challenges facing banks today.

"Hackers only need to find one vulnerability to cause millions of dollars of damage," said Mark Rasch, a former federal cyber crimes prosecutor, based in Bethesda, Maryland.

In the December attack, hackers gained access to an Indian credit card processor that handled prepaid Mastercard Inc debit cards for National Bank of Ras Al Khaimah PSC, or RAKBANK, according to a criminal indictment.

In February, the hackers broke into the system of a U.S.-based credit card processor to steal account numbers for prepaid Mastercard debit cards issued by Bank of Muscat, the indictment said.

The second operation was far larger than the first attack, eventually totalling $40 million in losses to Bank of Muscat.

In late February, Bank Muscat disclosed that it would take an impairment charge of up to 15 million rials (25.2 million pounds) because it had been defrauded overseas using 12 prepaid debit cards used for travel. That charge was equal to more than half of the 25 million rials profit it posted in its first quarter ended March 31.

The indictment does not identify the processor companies.

Bank representatives could not be reached for comment outside of regular business hours.

In both cases, the hackers boosted the available balance for each card and eliminated the withdrawal limits, allowing them to take out huge sums of money from ATMs in what prosecutors called an "unlimited operation."

A single account number, for instance, yielded nearly $9 million in profits, including $2.4 million in New York City alone, prosecutors said.

The hackers distributed the account numbers to coordinated "casher" crews stationed across the globe, who siphoned millions of dollars from ATMs within a span of hours in December 2012 and February 2013.

One of the New York defendants was caught in surveillance footage from ATMs in Manhattan during the February operation, prosecutors said.

After the cards were shut down, cashers laundered the proceeds, often by purchasing luxury goods, and sent a portion of the money back to the organization's leaders, prosecutors said.

Prosecutors said they seized hundreds of thousands of dollars in cash and bank accounts, as well as two Rolex watches and a Mercedes SUV, from the New York defendants.

No individual bank accounts were compromised by the scheme, Lynch said.

Authorities said they arrested seven of the eight defendants, all U.S. citizens and residents of Yonkers, New York. They are Jael Mejia Collado, Joan Luis Minier Lara, Evan Jose Peña, Jose Familia Reyes, Elvis Rafael Rodriguez, Emir Yasser Yeje and Chung Yu-Holguin.

The eighth defendant charged in the indictment, Alberto Yusi Lajud-Peña, also known as "Prime" and "Albertico," was murdered on April 27 in the Dominican Republic, according to prosecutors. Lynch said it was unclear whether the murder was related to the cybercrime case.

It wasn't immediately known which lawyers were representing the defendants.

(Additional reporting by Jim Finkle in Boston; Writing by Joseph Ax in New York; Editing by Noeleen Walder, Jan Paschal and Bernadette Baum)

advertisement

  1. Lawyer suffocates in attempt to rescue puppies from metre-deep hole
  2. Firefly flight bound for Kota Baru forced to turn back
  3. When the world turns upside down
  4. Malacca treasure no longer a myth
  5. The Obama double in Malaysia
  6. TV series 'Indian Summers' to be shot in Penang
  7. Babysitter swings one-year-old - and kills her instead
  8. Couple die after taking poison
  9. Malaysian passport 9th best in the world
  10. Japanese oil tanker robbed, three crew believed kidnapped in dramatic dawn raid

advertisement

advertisement