Twelve people are reported to have been arrested for their participation in an attempted operation targeting Santander Bank that could have resulted in a multimillion dollar heist.
One of the suspects is said to have gained access to the Surrey Quays branch and installed a keyboard video mouse device (KVM) on the bank’s systems, allowing the attackers to remotely gain control over computers.
“This was a sophisticated plot that could have led to the loss of a very large amount of money from the bank, and is the most significant case of this kind that we have come across,” said Mark Raymond of Scotland Yard’s central e-crime unit (PCeU).
The perpetrators used social engineering to install the device, with one member posing as an engineer to gain access to systems, according to reports.
The attempt to steal funds was apparently thwarted just as the attackers prepared to exfiltrate funds.
“It failed and no money was ever at risk. No member of Santander staff was involved in this attempted fraud. We are pleased that we have been able, through the robustness of our systems, to prevent the fraud and help the police gather the evidence they needed to make the arrests,” a Santander official stated.
The KVM device is used to control systems remotely, and allowed the attackers to operate on systems as if they were on one of the bank teller’s computers.
“It captures all the information that goes to the screen, keyboard and mouse. If you manage to get it installed inside the computer, it gives you a way of contacting the device through a remote computer,” Dr. Eerke Boiten said.
Read More Here…