Individuals believed to be part of a cybercriminal group ended up held by Romanian authorities suspected of having stolen over $15 million by cloning cards with information from the computer systems of banks.
The Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT) on Sunday raided 42 spots in six counties and detained 25 people for questioning. The DIICOT said the group may consist of more than 52 individuals from Romania and other countries.
The card data came via hacked banks in the U.S. (Puerto Rico) and in Muscat, the capital city of Oman, and belonged to accounts of large corporations. The fraudulent cards then ended up distributed to the members of the group.
Targeting banks instead of their customers is a trend adopted by organized cybercriminals who are after big heists, planning them carefully in advance.
In less than a year, between February and December 2013, the gang made 34,000 cash withdrawals from ATM systems in 24 countries.
According to DIICOT prosecutors, the bad guys made 4,200 transactions in a single day (December 2, 2013) from ATMs in 15 cities in Romania, withdrawing $5 million in cash. Earlier that year, on February 20, the gang used the cloned cards to remove $9 million from cash machines in Japan.
The big withdrawal operations ended up coordinated and planned for banks’ non-business days. Financial institutions hit this way are from different countries, including the U.S., UK, Germany, Italy, Spain, Netherlands, Canada, Colombia, Dominican Republic, Mexico, Indonesia, Egypt, Malaysia, Russia, Sri Lanka, Thailand, Ukraine, the United Arab Emirates, Pakistan, and Latvia.
During the house searches, the officers found 16 laptop computers, 4.4 lbs of gold bars, mobile phones, paintings, and $163,000 in cash.
The money gained ended up invested in different goods such as real estate and other valuable products. Until the completion of the investigation, these products are under restrictions.