€1bln in Stolen Bank Funds “Hidden” with Crypto

A recent cybercrime bust has given civil authorities more fodder to feed the argument that popular cryptocurrencies attract criminal activity and money laundering.

Earlier this week, Europol, the European Union’s leading law enforcement agency, recently apprehended the ringleader of the hacking group responsible for stealing more than €1bln from over 100 financial institutions worldwide.  According to Europol’s press release, the cybercriminals nabbed the funds from banks and financial institutions in more than 40 countries, laundering their loot with cryptocurrencies to hide it from local and international authorities.

The cybercrime organization, known as the Carbanak gang, has been conducting remote, malware-driven heists since 2013. Derived from a precursor program called Anunak, a malware known as Carbanak became the gang’s primary weapon from 2014-2016, hence their team’s moniker.  Using company emails as their vector of attack, the team would send out seemingly legitimate emails to bank employees that contained phishing malware.  If an employee clicked on the email’s malicious links, the criminals were granted access to the financial institution itself or, in some cases, its ATM networks.

From 2016 on, the team utilized a more sophisticated malware known as Cobalt that allowed them to steal as much as €10mln per hack.  As with Carbanak, Cobalt allowed the criminals to breach into a bank’s central server or network through phishing attacks, giving them complete control and access over a variety of functions.  This allowed the gang to steal funds by “‘voluntarily’ [spitting] out” money at predesignated ATMs, directly wiring funds into criminal accounts, or modifying databases to inflate customer accounts so money mules could collect the difference.

After the thefts, the team converted the funds into cryptocurrencies using prepaid cards.  Once in their wallets, they used the digital funds to purchase high-end cars, houses, and other luxury items.  The press release did not specify which cryptocurrencies were used in the laundering.

A Concerted International Policing Effort

Europol’s report stressed that the international policing community’s united effort was responsible for the ring leader’s arrest.  Such cooperation, the post conveys, was necessary given the global scale of the operation.

“International police cooperation coordinated by Europol and the Joint Cybercrime Action Taskforce was central in bringing the perpetrators to justice, with the mastermind, coders, mule networks, money launderers and victims all located in different geographical locations around the world,” the press release reads.

The gang’s leader, whose identity remains undisclosed, was arrested in Alicante, Spain “after a complex investigation conducted by the Spanish National Police, with the support of Europol, the US FBI, the Romanian, Moldovan, Belarussian and Taiwanese authorities and private cybersecurity companies.”

Moreover, the release indicates that Europol and other investigation agencies couldn’t have succeeded had it not been for its cooperation with private sector entities, namely the European Banking Federation (EBF).  Wim Mijs, the CEO of the EBF, stated that “[this] is the first time that the EBF has actively cooperated with Europol on a specific investigation,” touting that the success of the bust “demonstrates the value of [this] partnership” for “effectively fighting digital cross-border crimes like [this] one.”

In regards to the arrest,  the head of Europol’s European Cybercrime Centre, Steven Wilson, chalks it up as a significant victory for the international cybersecurity community:

“This global operation is a significant success for international police cooperation against a top-level cybercriminal organisation. The arrest of the key figure in this crime group illustrates that cybercriminals can no longer hide behind perceived international anonymity. This is another example where the close cooperation between law enforcement agencies on a worldwide scale and trusted private sector partners is having a major impact on top-level cyber criminality.”

This article was published on CoinCentral.


Colin Harper

Colin is a freelance writer and crypto-enthusiast based in Nashville, TN.



“Top Misconceptions of Cryptocurrency as a Payment System”


Which can be read on Amazon Kindle Unlimited for Free  You can find more interesting articles by visiting us on one of the following platforms: AML Knowledge Centre (LinkedIn) or Anti-Bribery and Compliance at the Front-Lines (LinkedIn)