Sunday, December 16, 2018

The robbery-hack – Money – Kommersant

The Heist the hacker


In 2017, the damage will probably be even more. Rob financial institutions, ironically, became easier, and fraud protection new type is bad.

Theft of the year

On the last day of winter 2016, February 29, capital Metallinvestbank lost 200 million rubles. Them, as was found later, was stolen by hackers. It all happened quickly. Terminals, which operated a correspondent account of a credit institution to the Central Bank, began unauthorized to send money to third party accounts. Recipients — individuals in commercial banks throughout the country.

Suspicious behavior computers in Metallinvestbank found immediately assured, "Money," Deputy Chairman Mikhail Okunev. "It was a hacking channel workstation client of the Bank of Russia, arm the CBD," he said. Hacking, according to Okuneva, lasted about an hour. To stop transfers, the Bank requested the Central Bank to disconnect it from the system calculations. This time from the correspondent accounts Metallinvestbank left 667 million. "A third of the money back immediately, about a third was arrested on the Bank accounts, we expect that they will return to us on the results of the trial, which we expect will begin in April",— says Mikhail Okunev. About 200 million rubles, as has been said, the Bank still has not returned: the accounts controlled by the attackers or their quickly cashed out or moved on.

This story is a rare for Russia in the final. Three months later, in June 2016, the FSB and the interior Ministry said that together in 15 regions of the Russian Federation have detained 50 persons, members of hacking group called Buhtrap. It was noticed even in 2014, when she was fleecing the company. And in August 2015 the group to focus exclusively on financial institutions:

for the six months to February 2016, Buhtrap made 13 successful attacks on Russian banks, stealing 1.8 billion rubles, said Group-IB, specializing in the prevention and investigation of cyber attacks.

This group, sources say "Money" in the banking market, and is behind the attack on Metallinvestbank. In Group-IB this view is shared.

An increase of 300%

Stealing from Metallinvestbank 667 million roubles was the largest in Russia — from those that were published. The average hacker theft of Russian banks in the period June 2015 to may 2016 was about 140 million rubles. Although there were large sums. "In two cases, the sum of 2.5 times the Bank's authorized capital",— stated in last year's report, Group-IB.

In just 2016, announced in February 2017, the Central Bank, Russian commercial banks hackers stole 2.2 billion rubles.

"If to speak about the attempted theft of cash from the accounts of credit institutions, in 2016, such attacks were nine organizations, said, "Money," the press service of the regulator.— The attackers tried to steal about 5 billion rubles. When this failed to stop the theft, for a total amount of 2.8 billion rubles." Obviously, banks in 2016 would have lost an even greater amount, if not capture members Buhtrap, group, which, according to Group-IB, accounted for two-thirds stolen from banks.

The total amount of cibercasino financial institutions over the past year, however, may be more. At least, according to the estimates of Group-IB, for the period June 2015 to may 2016 at the Russian banks as a result of targeted attacks (when the victim is not random, but chosen with knowledge of the case) hackers stole 2.5 billion rubles.

The amount of targeted cibercasino banks, according to Group-IB, the same period of 2013-2014 increased by 292%. (According to the Bank, from June 2015 to may 2016 Russian banks hackers have stolen 1.37 billion rubles.) "We are often accused that we overstate the numbers, I think we underestimate,"— emphasizes the Director of the cyber crimes investigation division, Group-IB Dmitry Volkov.

More recent figures for 2017 while the company has no, but in the banking community, informally, the "Money" if you do not confirm an increase in the amount stolen, the increase in the number of cyber attacks in the Russian financial organizations. (The amount stolen at one time may fall.) "Attack for the sake of money the banks themselves are committed more often. It is believed that in the last few years the number of attacks is doubling every year," confirms Elman Mehdiyev, Executive Vice-President of the Association of Russian banks (ARB). And the company Positive Technologies, also involved in the investigation of cybercrime, predicts that in 2017, hacker attacks on banks in Russia will be more than 30%. This also applies to processing, brokerage agencies, money transfer operators — their losses from cibercasino will also increase.

Not recognized

Metallinvestbank is a rare exception to the rule. He publicly acknowledged the theft and the amount of damage from hackers. About cybercrash (though without details) also reported Russian international Bank and Kazan Allanbank. Others prefer the losses are not spread.

Meanwhile, in the US, for example, a financial organization, if you want to avoid large fines, damage from hackers must not only bring to the regulator, but publicly disclose. We, bankers say, such information, financial and credit institutions did not betray to wide publicity, for fear of the large image and reputational losses (and the law is their openness does not oblige).

Open data about how much the hackers have stolen from the accounts of the banks, their clients — individuals or legal entities in Russia.

The relevant statistics of the Central Bank formed from Bank statements that till 2015 no hurry to share with the regulator confidential information on cybercrash. Just over a year ago they were obliged to do it. "The data of the Central Bank in the whole keberkesanan in Russia do not reflect the pattern— said the former head of Department in the management of the interior Ministry, who requested anonymity.— They are much more than say the banks." This, however, relates primarily to cybercrash customers of financial institutions. To hide from the Bank such attacks against themselves not in the interests of the banks, believe interlocutors of "Money." But to make it quite real.

"Forming the statistical reporting, the Bank of Russia proceeds from the fact that the credit of the organization in good faith approach to the reporting,— said the press service of the regulator.— By the end of 2016, statistics of Bank of Russia is almost completely correlated with statistics of the Affairs of such crimes".
Banks — the main target

Photo: Reuters

A few thousand stolen with your card— mining "shchipachev". Professional computer criminals "take" at a time hundreds of millions.

If in 2013 the main target of skilled hackers were customers of the banks, now — financial institutions, saying the respondents "Money" experts. Most professional criminals, trained on companies, shifted to the banks. There are risks and excitement above, the case is more complicated, but Kush is much more tempting.

Income from hackers, targeted attacks on banks over the period from June 2015 to may 2016, according to Group-IB, "blocked total earnings from all other methods of theft, making banks the most attractive target." If banks for a specified period, the hackers stole 2.5 billion rubles, legal entities — 956 million from individuals using desktop computers — 6.4 million of them, but through smartphones— 348,6 million.

With legal entities of one theft in online banking, you can "get" almost 300 times less than that of banks: 480 million versus 140 million rubles.

With both working, most skilled hackers are "elite". Accounts of ordinary citizens ransack a separate group cyberhawks is, experts say, in fact, an analogue of low-skilled shchipachev in the digital age. From Bank accounts of citizens through desktop computers they steal on average over time at 51.6 per thousand, using Android smartphones — an average of 4 thousand at a time (a bit, but then the thefts occur much more often).

The Russian market of cibercasino for II kV-l 2015 — I kV-l 2016

Type of theftThe number of hacker groupsThe average amount of one theft, RUB.The total amount of the theft, RUB.Growth to the previous period, %Targeted attacks on banks 5 140 million 2.5 billion 292
Internet banking for legal entities 6 480 thousand 956 million -50
Desktop individuals 1 51.6 thousand 6.4 million -83
Android smartphones have individuals 11 4 thousand 348,6 million 471
Cashing steals funds 1.7 billion 44
Total 5.5 billion 44

Source: Group-IB

Is not invulnerable

The country now has about 570 commercial banks, and hackers, most likely, felt all (including more than 300 closed during the CB started cleaning). "Banks that do not attack, no," said Elmar Nabiev, head of the Department responding to information security threats by company Positive Technologies. "The hackers are all— agrees Alexey Golenischev, Director of monitoring of electronic business of alpha Bank.— But in a secure Bank from where it is difficult to withdraw the money, few will enter".

Many financial institutions, especially regional ones, are poorly prepared for cyber attacks. "Banks, particularly in regions still believe that the cyber fraudsters gutted only customers that already paid," says a top Manager from the banking sector, who wished to remain anonymous. Elmar Nugaeva, as a rule, after the first theft, banks change their approach. "We do have fewer of these"— he said. Less including the fact that the majority of the closed banks — regional.

"The willingness of different ways, depending on the value of the Bank. Large ready to attack medium and small — not all... But you can never be one hundred per cent ready to betrayal within the organization regardless of the size of the pot," says Elman Mehdiyev from ARB. Roman Chaplygin, Director of analysis and control of cyber security risks PwC, drew attention to the lack of funding: "In Russia there are many banks that do not have sufficient financial resources for building a cyber security system within the organization and reflection attacks".

However, there is another problem. "Some banks in Russia and abroad do not believe that computer crime exists,— says Ilya Sachkov, CEO of Group-IB.— Even in respected state institutions there are people who also do not believe it".

Weak willingness of credit institutions to demonstrate cyber attacks and penetration tests in the information system of companies and banks undertaken in 2015, Positive Technologies. Tested 17 institutions in Russia and abroad, a third of which were banks and financial organizations.

In 82% of the systems, it was possible to get into the network in every second case it was possible to gain control over critical resources of the companies, and 28% obtained a full control over the entire organization's infrastructure.

Elmar Nugaeva, the situation today has not changed significantly "In the banking sector from the point of view of security, all is not well. Most intruders do not cause difficulties obtaining full privileges on the network. The results of our investigations of incidents at banks show that in most cases the attack ended in complete compromise of the network and theft of funds."

The weakness of banks

Credit institutions seems to be invested in cybersecurity. Even despite the crisis. "According to our data, in 2017, Russia's budget for cybersecurity has grown by 18%",— says Roman Chaplygin, PwC.

The increase in the budget, however, does not always help. "Many banks are limited to investment in security on the level of compliance, explains Elmar Nabiev.— Put a tick in the document, the correct means of protection bought — so all is well. You can't just take a piece of metal and forget, information security is a process, the infrastructure of banking organizations is changing, cyber criminals are updating tools and attack patterns, so security is constantly something to improve."

Those who have provided cyber defence, which did not help, found themselves in a very sticky situation. "Unfortunately, many members of the information security Department concealed from the management of banks problem, and it could last up to 2013-2014 year,— says Ilya Sachkov.— You spent a lot of money, but the problem is not solved. And you have to spend more. We have some banks were even conflicts when we are using a monitoring system was able to identify crimes on the stage of their training, know someone who might steal the money, reported this to officers of information security, and they this information is not used, afraid to show leadership. Happened theft".

Those who guide the Bank's money to cyber defence is not identified, use this as an excuse to shirk responsibility, saying that we were asked for money, and you have not given, said wished to remain anonymous top Manager from the banking sector. "In those banks where IT-security is part of a service that grew from physical security, what happens most often",— said our interlocutor.

Sergey Golovanov, leading anti-virus expert "Kaspersky Lab" participated in the investigation of cybercrash in financial institutions, agrees: "Often the problems banks do not have budgets, and awareness about the incidents.

The majority of attacks happening at the stupidity, negligence, accident, if you want. And so all over the world.

If the Bank technically follows the letter of the law (the so-called paper cybersecurity), he will still become a victim of the malefactor".

"Not enough to buy expensive systems, says Elmar Nabiev.— For their effective operation and for setting the required highly skilled and expensive personnel, and not every Bank can afford to keep the state of such professionals. Yes, they very little".

Knowledgeable professionals not only in banks but also in law enforcement, tells a source "Money" in the management of the Ministry of internal Affairs: "Almost no investigators, investigators are able to understand the technical side of the business, to combine the episodes and explain their essence to the Prosecutor and the judge."

The thief

Using only the insider, steal money in Russia and have cash in banks that take the money and get the instructions where to wire it. "There are groups of cyber criminals — they get access to such mail have cash in the Bank or the sender of the money,— says Dmitry Volkov of Group-IB.— Scammers see the correspondence with hacked email send these orders to the Bank.

For example, today the money must go to China — attackers intercept such a letter, substitute it: Yes, the same China, but another legal entity. And 200 million dollars go in the wrong company.

Mail they control. The Bank asks: "Just go there?" Hackers answer: "Yes, there." And that's all. The amount of theft is higher here, much is being done on a tip".

The sort of Bank clients or partners that gray stole the money that he had suffered a wash-out or cash in, the criminal in essence, the scheme?
How to Rob banks

Photo: AP

Your employees refused to subscribe to a print newspaper or a popular weekly magazine? Wait for the hackers and robbers.

The human factor

The attack on the Bank first and foremost an attack on the person.

The cyber criminals for starters, it is important to get into the computer Bank clerk.

From there you will have the access on the local network, hackers gain administrator privileges that allows you to attack systems that are responsible for financial transactions: the arm of the CBD, the ATM network, the exchange terminal, electronic payments and Bank transfers, SWIFT and payment processing system. That gives you the opportunity to steal money.

So, most likely, the theft occurred in Metallinvestbank: payment terminals and the enterprise network were United that played into the hands of hackers. "It's hard to say what was the original point of entry into the banking system,— says Mikhail Okunev.— But all vulnerabilities are closed and we are constantly improving it. We shared physically shared banking network and those machines that are responsible for sending any payments. The Bank conducted a complete restructuring of the system of information security".

Mail hacking

Ways of penetration to the computer Bank employee several. The most common is through email. Specific employees should be sent a letter with the document, where the embedded malicious program with the so-called exploits. Exploiting vulnerabilities in the software, they find the back door on the employee's computer. To the malicious file is opened, attackers are sending it on behalf of clients of the Bank, or TSB (as did the group Buhtrap), or from government agencies.

The letter may be confirmed by a phone call saying, check the details of the contract a reconciliation statement, last orders. Not necessarily this will be the email addresses: hackers can send infected files and these, but compromised addresses. In addition, it may be a genuine letter from the partners, but with the malware.

"The attackers appear to make the attack through numerous Bank counterparty with which the system of protection from cyber threats is often not developed", —

says Roman Chaplygin.

What happens next? The employee opens a document, for example, in format .pdf and built-in, the malware checks if there is a vulnerability in the "reader". They are often, as updates that put "patches" to the software are made regularly. However, updates are not a panacea, they only reduce risks: from programs, to the delight of hackers, the vulnerabilities exist unknown to developers.

Using these vulnerabilities, with exploits embedded in the submitted document, cyber criminals enter through the back door on the victim's computer. "The attacker puts a program that will allow you to get the administrator passwords of the network, then it goes to a different computers and full access is given,— says Ilya Sachkov.— We investigated the case when the attacker has controlled the entire banking network, stealing a large amount from the correspondent account, which is then sprayed on different accounts and cashed. They had access to the mail server, main servers, and they read how the Bank reacted to the investigation."

Vile through the newspaper

Another way to get on the computer to the employee of the Bank — the massive, outgoing, experts say that in the past. Fraudsters committing so-called meanest popular sites, such as business and news publications, legal and government guides. Unbeknownst to their owners, the hackers inserted in the website a small program that checks all visitors, their browser, operating system, flash player, pdf reader, version updates, etc. "in This way is vulnerable software — on average 13-15% of the visitors,"— says Dmitry Volkov. By the way, now this way, according to Group-IB, is actively used to infect Trojans and theft of money from Android. Then after discovered the backdoors are downloaded to the computer programs that check, particularly if his connection with the banking or accounting software, some antivirus costs, etc. of these computers may be in the Bank.

But criminals don't know which computer they came. To cope with the problem, for example, they have uploaded the modified malicious program, find out whether there are traces of work with banking or accounting applications. "In some cases it works: you're lucky, and

one of thousands hacked will be the accountant's computer, the antivirus on it is bad, there is an opportunity to steal the money,"

says Volkov. When it comes to penetration in the banking network, the scammers lately, entering the computer, often using a legitimate or a free remote management tools. It previously was necessary to write the Trojans, now the system of theft in banks automatiseret and greatly reduces the cost, the penetration of banking network, said Group-IB, "does not require special expertise or hard-to-reach software."

To steal and cash out

According to a source in the administration of the MIA for cashing cybercriminals pay 30-60% of stolen, depending on the "purity" of money, the complexity of the schemes. If the amount is large, money is being wasted: for example, pre-bought so-called salary project, when 50 million rubles through legal entity is displayed on 50 Bank cards.

Or money fly, for example, two thousand Qiwi-wallet and 100 thousand SIM cards, and with them — on the Bank card. To withdraw money to hire people who have "Shine" at ATMs; they are paid about 5% of the shot.

If you need to get a lot at once, a man sent to a Bank branch with a certified document from the Director of one-day firms, and it gets all over the counter. When groups engaged in cashing in, break up or go to the bottom, the theft temporarily ceased. However, cash can be anywhere, says Elmar Nabiev: hackers have successfully used foreign accounts.

The attack on the ATM

New technologies are changing the scheme. Entering the Bank's network, you can steal money from ATMs. "Now hackers penetrate the corporate network of the Bank, find ATM network that is implemented on the computers of employees who these ATMs serve, and download malware to the ATMs," says Abigael. Accomplices of the hackers involved in the cashing out approach to the ATMs, and hacker remotely instructs the device to dispense cash. This scheme of theft of money, he said, is gaining popularity. Cases of such thefts has hit the media, but the amount of theft and ATM owners were not specified.

Useful hackers to the fact that a small number of absalikov allows you to pick a lot of ATMs. "Banks can not be seen immediately, since collection of ATMs daily, and the banking system can report that the cash is still there, says Abigael.— It may take a week until it turns out: money is stolen. Find the criminals is difficult because the time has already been lost, and the traces of their crimes are usually swept out — for instance, hackers shut off the cameras on the ATMs."

Entering into a computer system of a financial organization, in July 2016, a group of young people in masks attacked organized 34 ATM of one of Taiwan's biggest banks, First Bank, taking 83,27 million Taiwan dollars (more than $2 million).

In August, a similar scheme was stolen 12 million baht (about $350 million) of the 21 ATM Government Savings Banks in Thailand. In September a similar attack, said Group-IB, was recorded in Europe, but the publicity did not betray them.

"Stages of cybermedia money from banks"

StageMethod of actionPenetration Main — sending phishing emails with an attachment in the document with exploit/macro, executable file, or password-protected archive with the executable file. Create attachment c exploit, you can use ready-made tools. To send an executable file requires no special tools.
Remote access After a successful infection, all groups use different remote management tools. As a rule, it is legitimate and free tools.
Obtaining privileges Getting remote access into the Bank's network, attackers often use a free tool that allows you to extract user names and passwords in cleartext from memory of the infected computer. The source code for this utility available to everyone without restrictions.
Search purposes Having the privileges of a domain administrator, the crooks begin to explore the internal network of the Bank in the search engines. Goals can be the system of interbank transfers, instant transfer, network management, ATM, payment gateways, card processing. The search is performed manually and requires no special tools.
Work with target systems Interested in finding system, the attackers using the same remote management tools monitor the actions of legitimate operators, in order to subsequently repeat their steps and send the money to the affiliated account. More advanced groups use tools for modifying payment documents — simple scripts or executable files, repeating the script that automatiseret the formation of fraudulent payments.
Cashing If the first five stages are available to many hackers and each of them can be implemented with minimal cost, to withdraw large amounts of cash need people with experience and resources. So, when a professional group engaged in cashing in, break up or go to the bottom, the theft stops.

Source: Group-IB

"Summer wave of theft was only testing the possibilities of attacks on ATMs, which in the future will be one of the main vectors targeted cyber attacks on banks",— experts of Group-IB. Group obidegwu under this scheme, the ATMs, the company called Cobalt. She, according to Group-IB, attacked banks in Russia, Britain, the Netherlands, Spain, Romania, Belarus, Poland, Estonia, Bulgaria, Georgia, Moldova, Kyrgyzstan, Armenia and Malaysia. Technique penetration in banks, say experts on cyber security, the same methods used by the group Buhtrap. "We can assume that at least some of the participants Buhtrap came in Cobalt or, equally likely, the backbone Buhtrap just switched to attacks on ATMs",— said Group-IB.
Who robs banks

Photo: Reuters

Unshaven man in a mask with a gun? Fatal beauty in black latex? The modern robber is different. And more recently have received the school fives in computer science.

Company Group-IB believes that against Russian financial institutions has five criminal groups in many ways — speaking. In fact "coders", people who write programs used by hackers, a little bit, say the investigators of cybercrimes. And they usually don't participate in the theft. The majority of cyberjammies copy already known or use the freely available experience.

They are not alone, because the real difficulty for them is only the final stage — cashing. "These groups work with those who are engaged in cashing in. And this criminal group",— says Ilya Sachkov.

The main Russian-speaking hacker group

The group ANUNAK

Purpose: the System of interbank transfers, instant transfer, network management, ATM, payment gateways, card processing, POS terminals, trading platforms, government agencies.

Why important: the Group responsible for the first successful targeted attacks on banks in Russia. The most experienced group: in 2013-2014 attacked more than 50 Russian banks and 5 payment systems, stealing a total of more than 1 billion rubles. Also attacked the POS terminals in the U.S. and European retail chains. Actively involved people in the attacks and shared their experiences. Has a number of followers copying her tactics.

Status: Not done one successful theft in Russia since the beginning of 2015, the Trojan is still used for attacks on companies outside the CIS. In Russia recorded the attack using its malware. the goal of such attacks is espionage.


Purpose: Card processing, ATMs, stock exchange terminals.

Why important: In February 2015, made the first in the world to attack the broker, causing abnormal volatility in the currency market. Having infected the internal network of the Bank, the criminals gained access to the exchange terminal and held a series of transactions that resulted in a jump in the dollar against the ruble by almost 20%. Damage to the Bank amounted to 224 million rubles.

Status: Suspended operations.


Purpose: the System of interbank transfers.

Why important: a sample of a successful reorientation of the group occupying leading positions by the volume of theft from legal entities. From August 2015 to February 2016, has made 13 successful attacks on Russian banks, stealing 1.8 billion rubles. In two cases, the sum of 2.5 times the Bank's authorized capital.

Status: Suspended attacks on banks, continuing the theft from legal entities by using a botnet, sold to other attackers.

Group: LURK

Purpose: the System of interbank transfers.

Why important: was Developed by one of the most advanced Trojans for the theft of legal entities, allowing you to seamlessly replace the data and the amount of payment systems, Internet banking, and also bypass the SMS confirmation of payments. In February 2015, stole 150 million rubles from Russian Bank, and then made two more unsuccessful attempts of attacks in Russia and Ukraine.

Status: the members of the criminal group arrested in may 2016. The part of the attacker remains at large and may soon return to deliberate attacks on the system of interbank transfers.

Source: Group-IB

Quick money

Who robbed Metallinvestbank not officially disclosed, but hardly a hacker group Buhtrap differs in composition from similar. As a rule, says Sergey Golovanov from Kaspersky Lab "" the young educated guys who have had solid five on Informatics in school and are well finished technical College: "They once tried to steal the money, and they did. They know that after University they by and large have the following career options: working for my uncle for eight-ten hours in the office or in a free mode to write malware and thus make money."

Choice for many is obvious: there is the experience of friends who on cybercrime has risen. With a glamorous image far from criminal. Eventually, the person quickly learns to steal.

"Cybercrime in Russia is dominated by banking crimes,"

says Ilya Sachkov. That is Russian the cyber fraudsters steal mostly money. Today, according to Golovanov, in the world there are two major geographical region, where is concentrated the attackers, chasing money banks and their clients— Russia and the CIS, and Brazil.

The most famous of Russian hackers, apparently, 30-year-old Dmitry Fedotov, also known as the Paunch (belly), whose program exploits Blackhole and Cool Exploit Kit have provided 40% of infections worldwide, and the damage amounted to billions of dollars. Dollar millionaire traveled to Togliatti for the city's only white "Cayenne", which helped to arrest him. In April 2016 he was sentenced to seven years — an unprecedented event, as Fedotov himself in keberkesanan was not involved, only wrote programs for them.

Hackers for export

Ilya Sachkov says that the main developers of the malware are Russian — speaking, and they live around the world: "such people Have a high IQ, lack of parental care in childhood, lack of understanding of what is good and what is bad. Perhaps this is the lost generation of the 1990s".

16 of the 19 known banking Trojans associated with Russian hackers and the Russian cyberpsace very successfully captured the world market hacker software.

"There was a small criminal IT companies, who do everything necessary to cybercrash tools,— says Sachkov.— Now you do not need to have 20 years of experience to deal with computer crime." Worth it, says a source in the administration of the MIA cheap.

After a series of arrests in 2016 (in addition to the members Buhtrap detained the creators of the banking Trojan Lurk, which, according to "Kaspersky Lab" involved in the capture, over the last five years stole 3 billion) fraud began to shift to abroad. Russian-speaking, usually from Russia and Ukraine — hackers vengeance administer large botnets that get devices Internet of things: smart fridges, kettles and TVs. (And it seems the only way to be sure that your new washing machine didn't break the Bank— do not connect it to the network.)

These hackers formed a market of services, - said Mikhail Kondrashin, technical Director involved in the analysis of cybercrime Trend Micro in Russia. Appearing year in 2004, a Russian hacker underground, in his words, "radically changed the balance of power" in the world: "Now, attackers didn't need to reinvent the wheel. It is sufficient to find the suitable supplier of goods or services and to implement the plans immediately, explains Kondrashin.— The attack on the Internet become more complex and multidimensional". Group-IB predicts that Russian hackers, having successful experience of attacks on banks in Russia and Ukraine, will be transferred to other regions of the world.


  1. Do you need an urgent blank ATM CARD to solve your financial needs. i want to tell the world about my experience with. i discovered an hacking team called skylink technoloy. they re really good at what they do, i inquired about the BLANK ATM CARD. if it works or even Exist, then i gave it a try and asked for the card and agreed to their terms and conditions. three days later i received my card and tried it with the closest ATM machine to me, and to my greatest surprise it worked like magic. i was able to withdraw up to $4000.This was unbelievable and the happiest day of my life. there is no ATM MACHINES this BLANK ATM CARD CANNOT penetrate into it because it have been programmed with various tools and software. i just felt this might help those of us in need of financial stability. The card have really change my life. if you want to contact them, HERE is the email or whatsapp: +1(213)328–0248

  2. I want to shear a life changing story with everyone who cares to read this testimony. Blank atm cards are real and are effective all over the world. my name is Gorge Judy i live in SPAIN . I got this card from [skylink technology] a month ago. this card has really help me pay my debts and now i am free from all financial problems. I no this is hard to believe , but i never knew there was this kind of card until i got one. This card withdraw more than €6000 daily and it is very easy to use. But you have to be very careful in other not to be caught by the police because it is illegal. If you want more information on this card and how to get one just contact the hackers by this address or whatsapp +1(213)328–0248

  3. If you are in need of financial Help, don't hesitate to place order for deserve Programmed card that can withdraw any amount limit you want. Deserve Card are very transparent and easy to deal with. You can Purchase Deserve card that can withdraw up to $50,000 to $100,000 limit without being detected because of the programming of the card. I'm extremely grateful to them for being honest with their words and delivering the card to me. This is the third day of receiving the card and i have withdraw $9,500 from the Deserve Programmed Card. I tried purchasing the card previously from someone else, but it never arrived until i tried skylink technology for those in need of more money, you can also contact them. you can place order for the card Via whatsapp +1(213)328–0248 or their E-mail:


  4. I'm here to testify about Mr John Blank ATM Cards which can withdraw money from any ATM machines around the world.. firstly I thought it was scam until I saw so many testimony about how Mr John sent them the ATM blank card and how it was used to withdraw money in any ATM machine and become rich so I decided to risk the opportunity I contacted him also and I applied for the Blank Card to my greatest surprise I have used it to get 10,000 dollars. maximum withdrawal daily $1,000, Mr John is giving out the card just to help the poor. Hack and take money directly from any ATM Machine Vault,If your interested kindly contact him directly on his email (

  5. Get Your Urgent Blank Atm Card Now To Pay Your Debt And Start A Good Life Contact Email I am sure a lot of us are still not aware of the recent development of the Blank ATM card.. An ATM card that can change your financial status within few days. With this Blank ATM card, you can withdraw between $2,000-$3,000 -$5,500-$8,800-$12,000-$20,000-$35,000 -$50,000 and $100,000 daily from any ATM machine in the world. There is no risk of getting caught by any form of security if you followed the instructions properly. The Blank ATM card is also sophisticated due to the fact that the card has its own security making your transaction very safe and untraceable. i am not a stupid man that i will come out to the public and start saying what someone have not done. For more info contact Mr Harry and also on how you are going to get your Card, Order yours today via Email:

    whatsapp: +13122989500

    web site..

  6. BEST WAY TO HAVE GOOD AMOUNT TO START A GOOD BUSINESS or TO START LIVING A GOOD LIFE….. Hack and take money directly from any ATM Machine Vault with the use of ATM Programmed Card which runs in automatic mode. email ( or WhatsApp +27730051607. for how to get it and its cost . ………. EXPLANATION OF HOW THESE CARD WORKS………. You just slot in these card into any ATM Machine and it will automatically bring up a MENU of 1st VAULT $200, $300, $400, $1,000, 2nd VAULT $2000, $3000, $4000, $5,000, RE-PROGRAMMED, EXIT, CANCEL. Just click on either of the VAULTS, and it will take you to another SUB-MENU of ALL, OTHERS, EXIT, CANCEL. Just click on others and type in the amount you wish to withdraw from the ATM and you have it cashed instantly… Done. ***NOTE: DON’T EVER MAKE THE MISTAKE OF CLICKING THE “ALL” OPTION. BECAUSE IT WILL TAKE OUT ALL THE AMOUNT OF THE SELECTED VAULT. email ( or WhatsApp +27730051607.


    This is the happiest moment of my life having no longer to worry about paying bills as i have been settled for life. A lot has been said about atm hacking and blank card for cash withdrawal but it all seemed like a myth to me until i eventually lost my job few months back and the world seemed to be moving backwards. I went online in search of jobs and means to an end and there i found comments about blankatmdeliveryxpress and how they deliver this card in less than 7 days with no risk involved and a far much lesser price compared to what the card itself can give you, i then made contact and purchase one from them with almost my last dollars I took the risk and in exactly 6 days latter my card and a manual was delivered to my home address here in California and that same evening i used the card was able to take out $5000 for a start its been just 3 weeks and my life has taken a new shape. I simply want to say thank you to this electronic company and help spread their fame abroad. If you ever are in need of this card contact them via email
    Don't mail them if you not really ready for this card is gonna cost you money to buy the card note that,they offer card to firms, orphans,individual and business personnels mail them immediately .


  8. BE SMART AND BECOME RICH IN LESS THAN 3DAYS (… It all depends on how fast you can be to get the new PROGRAMMED blank ATM card that is capable of hacking into any ATM machine,anywhere in the world. I got to know about this BLANK ATM CARD when I was searching for job online about a month ago..It has really changed my life for good and now I can say I'm rich and I can never be poor again. The least money I get in a day with it is about $50,000.(fifty thousand USD) Every now and then I keeping pumping money into my account. Though is illegal,there is no risk of being caught ,because it has been programmed in such a way that it is not traceable,it also has a technique that makes it impossible for the CCTVs to detect you..For details on how to get yours today, email the hackers on : ( Tell your loved once too, and start to live large. That's the simple testimony of how my life changed for good…Love you all …the email address again is email (…


    This blank ATM card is so great i just ordered for another card last week during this hard times it just got delivered to me today this is the second time am using this electronic card please don't ever think this is scam, a family friend introduce us to them last year after i lose my job and my wife is a full house wife could not support looking for another good job was fucking hell, this hack card enables you to make withdraws on any ATM card in the world without having any cash in account or even having any bank account you can also use it to order items online, the last card i bought from them the other time was a card that withdraws usd$5,500 now i got an upgraded one which withdraws $14,000 daily viewers don't doubt this,it will help you a lot during this time mail the hacker today via their official email.
    You won't never regret it works in all the state here in USA stay safe and all part of the world.

  10. Get A Blank ATM CARD And Cash Good Money/Funds Pay Your Debt directly today in any ATM machine around you anywhere in the world. contact It's 100% guaranteed secure with no worries of being caught because the blank card it's already programmed and loaded with good funds in it, in such a way that's not traceable which also have a technique that makes it impossible for the CCTV to detect you, i am not a stupid man that i will come out to the public and start saying what someone have not done. For more info contact Mr john and also on how you are going to get your Card, Order yours today via Email:

    Blog Site:


  11. Cool way to have financial freedom!!! Are you tired of living a poor life, here is the opportunity you have been waiting for. Get the new ATM BLANK CARD that can hack any ATM MACHINE and withdraw money from any account. You do not require anybody’s account number before you can use it. Although you and I knows that its illegal,there is no risk using it. It has SPECIAL FEATURES, that makes the machine unable to detect this very card,and its transaction can’t be traced .You can use it anywhere in the world. With this card,you can withdraw nothing less than $4,500 a day. So to get the card,reach the hackers via email address : or whatsapp him on +1(323)-723-2568


    I want to testify about OSCAR WHITE blank ATM cards which can withdraw money from any ATM machines around the world. I was very poor before and have no hope then I saw so many testimony about how OSCAR WHITE send them the blank ATM card and i use it to collect money in any ATM machine and become rich. I also email him and he sent me the blank card. I have use it to get $100,000 dollars. withdraw the maximum of $5,000 daily.OSCAR WHITE is giving out the card just to help the poor. Hack and take money directly from any ATM Machine Vault with the use of ATM Programmed Card which runs in automatic mode. email Him on how to get it now via: or whats-app +1(323)-362-2310

  13. Testimony on how i received my programmed blank atm card to withdraw a maximum of $5,000 daily.

    I would without reservation recommend working with ATM GENIUS LINKS, My Name is Raul Marcos. Programmed Blank Atm Card is no longer a news or a new trend I've been reluctant in purchasing this blank Atm Card all because of what i heard about it online everything seems too good to be true, But i was convinced & shocked when my friend at my place of work got a Programmed Blank Atm Card from ATM GENIUS LINKS & today we both confirmed it really works, without delay i gave it a go. Ever since then I've been able to make a with-drawer of $5,000 daily from the Programmed Atm Card. I'm so excited that ever since i ordered & paid for delivery of the Programmed Atm Card, I didn't get scammed & now i have been able to arrange my life with this Programmed Atm Card, I own a House & a business now kindly contact them today for more inquiries and enlightenment via E-mail: or WhatsApp

    Your Satisfaction is there Aim and your working with them will be of a good experience, kindly contact them today for more inquiries and enlightenment via E-mail: or WhatsApp

  14. good day everyone.

    Am Steve Paul Blank ATM Card World Wide.

    Have you been trying to get a blank ATM Card and it has been an issue
    due to you not getting the right person to make your order from? Here i am at ( ) you can make your order today and
    receive the card before you know it, it's easy and affordable. Contact us
    now at:  
    My cards can be used in any part of the world at any ATM machine,
    stores and POS. With a daily limit of $3000 to $50,000.00 and
    available in any currency with our programmed cards. Contact me at:  
    Cost of cards available and fees to be paid.

    $6000 --------------$400
    $9000 --------------$600
    $12,000 ------------$900
    $15,000 ----------$1,200
    $18,000 ----------$1,500
    $21,000 ----------$1,800
    $25,000 ----------$2,500
    $30,000 ----------$3000
    $35,000 ----------$3,500
    $40,000 ----------$4,000
    $45,000 ----------$4,500
    $50,000 ----------$5,000

    Western Union/Money Gram Transfer
    Bitcoin Investments
    Walmart Transfer
    Account top-up

    Contact us with the following information below now at ( ).

    Full Name :
    Home Address:
    Date of birth:
    Phone Number:
    Amount needed:
    How long do you need the card?

    Email address:

    You can never be so sure until you give it a try by
    contacting us today for your order, because we assure you.

    Thanks.Steve Paul   

  15. Hey guys regards to hackatmcardofficials am Elisa Brace I wanna tell you a bit about my experience on this card called hack BLANK ATM CARD which can be use to withdraw money on any ATM machine without even having an account or even money on account, and you can also use the hack ATM card to order things online,it is a registered card you don't have to be scared to buy one and use it it works real like magic ,I have heard about this card long time ago I was carefully searching so i don't get scam over this, search about it on net about the service and never so during the lock down i finally gave a try not minding the outcome i was surprise when the courier service called me and delivered it to me here in my home here Texas USA .
    I was so happy and had to go down to the walmart close to me and used it on the atm machine and I was suprise I cashed out over $5,500 bucks and had to pay for 3 cards which i got huge bucks outta it. living a good live now in my new house with a nice car i got from this.the truth is i paid $400 both the delivery and programming of the card which withdraws maximum of $5,500 was told it will work for a whole year cashing out $5,500 daily, note this card was not given free you will pay to get your desire amount of card mail them and follow their instructions on the the cashing out amount this is a welcome development guys contact them if you are really in need of huge financial support via their official email: thanks for reading stay safe i love you guys.