And it all starts coming true: those nightmare-filled sleepless nights are on a Groundhog Day endless loop. Custom malware, insiders, fraud…
A gang of Russian crooks sought the services of a malware writer to develop custom-made malware in a plot to compromise and plunder ATM machines. Although they were ultimately caught, the planning effort, sophistication, and investment of both cash and time that went into developing their plot ought to be a wake-up call to the entire banking industry.
The leader of the gang contacted a virus writer through an underground forum and paid him 100,000 rubles to create malware capable of infecting ATMs, according to Host Exploit. The gang consisted of a handful of corrupt banking industry insiders, including the head of IT and a system admin for a bank, who offered unfettered access to distribute the malware on ATMs. The malware provided them with access to bank card details and PIN codes for fraudulent withdrawals to be made by another gang member, ready to act as a money mule.
Fortunately the Ministry of the Interior got wind of the scam and arrested the gang before the scheme came to fruition. Police carried out a series of raids and arrests and seized malware samples, credit card records and computer equipment. The virus writer was also swept up in the raids.
A translation of the Russian Ministry of the Interior statement on the case can be found here.