Wednesday, May 23, 2018
Public safety

In 10 hours, $40 million snatched from ATMs

NEW YORK

It was a huge bank heist — but a 21st century version in which the thieves never wore ski masks, threatened a teller or set foot in a vault.

Yet, in two precision operations that involved operatives in more than two dozen countries acting in close coordination and with surgical precision, the organization was able to steal $45 million from thousands of ATMs in a matter of hours.

In New York City alone, a team of eight people struck 2,904 machines over 10 hours on Feb. 19, withdrawing $2.4 million.

On Thursday, federal prosecutors unsealed an indictment charging eight members of the New York crew — including their suspected ringleader who was found dead in the Dominican Republic on April 27 — offering a glimpse into what the authorities said was one of the most sophisticated and effective cybercrime attacks ever uncovered.

"In the place of guns and masks, this cybercrime organization used laptops and the Internet," said Loretta E. Lynch, the U.S. attorney in Brooklyn. "Moving as swiftly as data over the Internet, the organization worked its way from the computer systems of international corporations to the streets of New York City, with the defendants fanning out across Manhattan to steal millions of dollars from hundreds of ATMs in a matter of hours."

The indictment outlined how they were able to steal data from banks, relay that information to a far-flung network of "cashing crews," and then launder the stolen money by buying high-end luxury items like Rolex watches and expensive cars.

In the first theft, hackers were able to infiltrate the system of an unnamed Indian credit-card processing company that handles Visa and MasterCard prepaid debit cards.

The hackers — who are not named in the indictment — proceeded to remove the withdrawal limits on prepaid MasterCard debit accounts issued by the National Bank of Ras Al-Khaimah, also known as RakBank, in United Arab Emirates.

By eliminating the withdrawal limits, "even a few compromised bank account numbers can result in tremendous financial loss to the victim financial institution," the indictment states. And by using prepaid cards, the thieves were able to take money without draining the bank accounts of individuals, which might have set off alarms more quickly.

With five account numbers in hand, the hackers distributed the information to individuals in 20 countries who then encoded the information on magnetic stripe cards. Any plastic card with a magnetic stripe — an old hotel key card or an expired credit card — would do as long as it carried the account data and correct access codes.

On Dec. 21, the "cashing crews" made 4,500 ATM transactions worldwide, stealing $5 million, according to the indictment.

After pulling off the December theft, the organization grew more bold, and two months later they struck again — this time nabbing $40 million.

On Feb. 19, "cashing crews" stood at the ready at ATMs across Manhattan and in two dozen other countries waiting for word to spring into action.

This time, the hackers infiltrated a credit card processing company based in the United States that also handles Visa and MasterCard prepaid debit cards. The company's name was not revealed in the indictment.

After securing 12 account numbers for cards issued by the Bank of Muscat in Oman and raising the withdrawal limits, the cashing crews were set in motion. Starting at 3 p.m., the crews made 36,000 transactions and withdrew about $40 million from machines in the various countries in about 10 hours.

Surveillance photos of one suspect hitting various ATMs showed the man's backpack getting heavier and heavier, Lynch said, comparing the robbery to the caper at the center of the movie Ocean's Eleven.

The plundered ATMs were in Japan, Russia, Romania, Egypt, Colombia, Britain, Sri Lanka, Canada and several other countries, and law enforcement agencies from more than a dozen nations were involved in the investigation, U.S. prosecutors said. The crews in Japan seem to have been the most successful, stealing around $10 million, probably because some banks in Japan allow withdrawals of as much as $10,000 from a single bank machine.

"New technologies and the rapid growth of the Internet have eliminated the traditional borders of financial crimes and provided new opportunities for the criminal element to threaten the world's financial systems," said Steven Hughes, a Secret Service special agent who participated in the investigation. "However, as demonstrated by the charges and arrests announced today, the Secret Service and its law enforcement partners have adapted to these technological advancements and utilized cutting edge investigative techniques to thwart this cybercriminal activity."

The authorities did not immediately provide details about how they became aware of the operation or whether any other arrests have been made in connection with the case. The indictment suggests a far-reaching operation, but there are no details about the people responsible for conducting the hacking or who might be leading the global operation. Law enforcement agencies in more than a dozen countries have been involved in the investigation, prosecutors said.

The authorities said the leader of the New York crew was Alberto Lajud-Pena, 23, who also went by the name Prime. His body was found in the Dominican Republic on April 27 and prosecutors said they think he was killed. Seven other people have been arrested and charged with conspiracy to commit "access device fraud" and money laundering. The prosecutors said they were all American citizens and were based in Yonkers, N.Y.

Following one thief through Manhattan

Federal prosecutors released these images from video that show one thief withdrawing part of the $2.9 million stolen from ATMs in New York on Feb. 19.

   
Comments
FDLE: Victim in $480,000 scam is heiress to Wrigley gum fortune

FDLE: Victim in $480,000 scam is heiress to Wrigley gum fortune

A woman state authorities say was scammed out of $480,000 by two of her employees is an heiress to the Wrigley chewing gum fortune.The Florida Department of Law Enforcement confirmed Tuesday that the victim in the case is Helen Rich, 69, formerly Hel...
Updated: 1 hour ago
Carlton: Lowering the American flag for the newly dead at school — again

Carlton: Lowering the American flag for the newly dead at school — again

In a scene repeated at public buildings across the country, the American flag in front of the library outside my office window was lowered to half-staff this week.This time for 10 dead in Texas.In February, the American flag was similarly half-staff ...
Published: 05/23/18
Police: St. Pete man who pried a safe out of the wall in custody

Police: St. Pete man who pried a safe out of the wall in custody

ST. PETERSBURG — It took more than an hour for a 25-year-old man to break into a restaurant, pry a safe out of the wall, drag it through the back and then wrestle it into his car, according to police.That was last week. Michael Murphy was arrested Tu...
Updated: 1 hour ago
Search underway for North Carolina man missing from Tampa-based Carnival Paradise

Search underway for North Carolina man missing from Tampa-based Carnival Paradise

The U.S. Coast Guard was searching Tuesday for a 50-year-old North Carolina man who reportedly fell off a Tampa-based cruise ship.The Coast Guard Key West received a call from the cruise ship Carnival Paradise about 10 a.m. saying the man, Brian Lamo...
Updated: 12 hours ago
Deputies: 10th-grader brings loaded gun to Bradenton high school

Deputies: 10th-grader brings loaded gun to Bradenton high school

A Bradenton Bayshore High School student faces charges after he brought a gun on campus on Tuesday, according to the Manatee County Sheriff’s Office.Around 11:45 a.m., school resource officers were alerted by school staff that the student, a 10th-gra...
Published: 05/22/18
Police swarm Panama City street in apparent shootout

Police swarm Panama City street in apparent shootout

PANAMA CITY BEACH — Multiple law enforcement agencies have surrounded a Panama City apartment building where an active shooter is barricaded inside.City spokeswoman Caitlyn Lawrence says it’s still an active situation. The suspect has been firing on ...
Published: 05/22/18
FedEx driver, 22, dies in crash on Interstate 4

FedEx driver, 22, dies in crash on Interstate 4

TAMPA — A 22-year-old FedEx driver died on Interstate 4 Tuesday when a tire blew out on his freight truck, which veered into the path of a Chevrolet Volt, state troopers said. Two teen girls in the Volt survived the 10:21 a.m. crash. A photo shows ci...
Published: 05/22/18
Crime in Florida, Tampa Bay region decreased in 2017, data show

Crime in Florida, Tampa Bay region decreased in 2017, data show

Crime in Florida reached a 47-year low in 2017, according to state figures released Tuesday and touted as a "major announcement" by a Republican governor determined to win a U.S. Senate seat. The state’s total crime rate dropped by 6 percent from 201...
Published: 05/22/18

FDLE: Pasco couple scammed elderly employer out of $480,000

TAMPA — A Pasco County couple face dozens of charges after the Florida Department of Law Enforcement said they stole more than $480,000 from their elderly employer.Chet Alan Ragsdale, 45, was arrested Monday on 28 counts of grand theft, 25 counts of ...
Published: 05/21/18
4 sinkholes open in The Villages retirement community

4 sinkholes open in The Villages retirement community

THE VILLAGES — Four sinkholes have opened up in a fast-growing retirement community in Florida, including one in front of a home that was abandoned months ago because of an earlier sinkhole. A spokeswoman for the Marion County Sheriff’s Office says t...
Published: 05/21/18