Kaspersky Security Update

The greatest heist of the century: hackers stole USD 1 billion

To infiltrate the bank's intranet, the attackers used spear phishing emails, luring users into opening them and infecting their machines with malware. A backdoor based on the Carberp malicious code was installed on the victim's PC, which in turn gave the campaign its name, Carbanak.

After obtaining control over the compromised machine, the cybercriminals used it as an entry point; they probed the bank's intranet and infected other PCs to find out which of them could be used to access critical financial systems.

That done, the criminals studied the financial tools used by the banks, using keyloggers and stealth screenshot capabilities.

Then, to wrap up the scheme, the hackers withdrew funds, choosing the most convenient method on a case-by-case basis: a SWIFT transfer, faux bank accounts with cash withdrawn by 'mules', or a remote command to an ATM.

On average, it took two to four months to drain each victim bank, from Day 1 of infection to cash withdrawal.