Seven arrested in New York for alleged 'criminal flash mob' ATM cybercrime

By on May 10, 2013, 5:00 PM
atm, hacking, cybercrime, unlimited operation, flash mob

Authorities in New York have arrested seven people in connection with a hacking scheme in which perpetrators stole $45 million from ATMs around the world. The attackers hacked into computer systems of banking and financial institutions in two separate but coordinated attacks, according to the US Immigrations and Customs Enforcement division of the Department of Homeland Security.

The attacks took place in December 2012 and February 2013, and although the recent arrests occurred in Yonkers, New York, the suspects are associated with an international crime ring, officials said. The illicit organization uses various hacking techniques to gain access to financial systems to steal money electronically.

The process involved making withdrawals from ATMs in 20 different countries, and in one of the attacks, more than 36,000 transactions were initiated in approximately 10 hours. Following the heist, the thieves purchased luxury goods, including sports cars and jewelry, in order to launder the money.

Prosecutors are calling the attack a “criminal flash mob” because of the scale of the attack and the coordinated methods used to extract money from ATMs. Dubbed “Unlimited Operation,” US Attorney Loretta E. Lynch of the Eastern District of New York said, “the organization worked its way from the computer systems of international corporations to the streets of New York City, with the defendants fanning out across Manhattan to steal millions of dollars from hundreds of ATMs in a matter of hours."

Rather than targeting individual account holders, the hackers went after debit card processors and increased the balance of prepaid debit cards. They then withdrew funds using the cards at ATMs during a worldwide coordinated effort with a team of participants.

The masterminds of the operation are yet unknown, but Lynch told the Wall Street Journal that prosecutors are investigating specific individuals in Europe and Asia in search of them. If convicted, the defendants who were recently arrested face a hefty sentence. A maximum of ten years in federal prison for the four counts of money laundering, and up to seven years for conspiracy to commit access device fraud.




User Comments: 9

Got something to say? Post a comment
1 person liked this | Guest said:

I guess they are all too smart to get a real job.

wastedkill said:

Just shows nothing is as secure as you think and tbh they need to be forced to work as a high end security job xD cant let them out once they have all that knowledge now can we!

1 person liked this | Skidmarksdeluxe Skidmarksdeluxe said:

At least they never wasted their time with small time stuff. If you're gonna do it, go big and make it worthwhile.

Tygerstrike said:

Where I can applaud that they didnt go after the banks account holder, im really impressed they found a way to steal "digitally". What I mean is they simply changed some numbers and got what they needed. I was pretty sure those prepaid cards were secured through the same services that regular cards were. Im guessing that really isnt the case.

Kudos for trying to go big!!! Shame on them for the theft.

captaincranky captaincranky, TechSpot Addict, said:

Oh yeah, "kudos" to them.

It seems everybody these days gets to decide they're both Robin Hood and the poor all at once! When you come down to it, it's the ultimate conceit, coupled with the ultimate hypocrisy. Spare me.

jackal2687 said:

Oh yeah, "kudos" to them.

It seems everybody these days gets to decide they're both Robin Hood and the poor all at once! When you come down to it, it's the ultimate conceit, coupled with the ultimate hypocrisy. Spare me.

Hypocrisy is the bank for having the counterfeit money in the first place. I honestly don't care if a bank gets screwed over, it's better they get what they dish out on a daily basis.

Maddock said:

... I was pretty sure those prepaid cards were secured through the same services that regular cards were. Im guessing that really isnt the case....

Actually, anybody can raise positive balance on Your prepaid (debit) card; I need only Your account number and Your name, maybe number of bank (ID of Your bank a.k.a. IBAN). Nothing more, and I can acquire this information very free.

Now, if someone get access to right tools, there is possibility to increase balance of any other account. I think, some of "criminals" were just people, which accounts was simply increased while real hackers take some money away and leave this fools as decoy. Sure, it is just one of possibilities: logically I must do this same in this situation. Better is take 10 mio $ and slip away - 30 KK $ leave on decoy accounts. Other possibility is take 40 KK and get in jail. Which way You wish to choose?

Guest said:

What can you expect, we live in the world where we all are prisoners of money.There is more to come.

Tygerstrike said:

@Capt

I think you misunderstand my kudos to these thieves. My kudos was that this wasnt a couple of thugs grabbing their buddys gun and trying to stick up a bank. No, this was sneaky and quiet until the money went missing. They had a plan, exectued it, then got away. Im sure the banks were scratching their heads wondering where this missing money is. In that time they got away. This is almost as smooth as say oceans 11.

It took some serious planning and afew GIANT pairs to do this. Theres where my kudos rest. It took smarts,planning and ballz.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.