Take the Money and (Possibly) Run: Most Devastating Hacks of 2015

The number of compromised accounts is an interesting metric to measure the impact of a cyber attack (here a list of the top 20 most devastating breaches occurred in 2015), but there are cases in which single individuals or organizations become victims of hackers for a specific purpose: take the money (as much as possible) and (possibly) run.

This year has seen many different ways to accomplish this task: one-time fraudulent money transfers, dating scams, or long lasting sophisticated campaigns (just like the Carbanak example). Different ways and different outcomes either, since, unfortunately for the attackers, not all the operations turned into an happy ending for them.

In the following gallery (after the Read More Tag you also find the table and chart) I have collected the top 10 hacks happened in 2015 which resulted in the maximum “revenue” for the attackers (and loss of money for the victims). In several cases they were successful, in other cases the alleged authors are about to be sentenced, in all cases, the attackers showed no mercy in their purpose to steal as much as possible from their designated victims.

Arrow
Arrow
Introduction - 2015 has seen many different ways to hack single individuals or organizations with the sole purpose of stealing money: one-time fraudulent money transfers, dating scams, or long lasting sophisticated campaigns (just like the Carbanak example). Different ways and different outcomes either, since, unfortunately for the attackers, not all the operations turned into an happy ending for them.
Shadow
ArrowArrow
Slider

All logos are property of the respective brands.

And the total booty of these hacks hits $1,166,590,000.

RankDateAuthorTargetEvent Description and CharacteristicsValueLink
Total$1,166,590,000.00
114/02/2015Carbanak
Cybergang
100 banks
in 30 nations
The New York Times anticipates a report by Kaspersky Lab, unveiling the operation of the "Carbanak Cybergang", a gang of criminals able to steal $1 billion worth from more than 100 banks in 30 nations.$1,000,000,000.00http://www.nytimes.com/2015/02/15/world/bank-hackers-steal-millions-via-malware.html?_r=1
211/08/201532 defendantsNewswire
services
The US Securities and Exchange Commission announce civil fraud charges against 32 defendants for taking part in a scheme to profit from stolen nonpublic information about corporate earnings announcements. Those charged include two Ukrainian men who allegedly hacked into newswire services (Business Wire, PR Newswire, Marketwired) to obtain the information and 30 other defendants in and outside the US who allegedly traded on it, generating more than $100 million in illegal profits.$100,000,000.00http://www.net-security.org/secworld.php?id=18753
306/08/2015?Ubiquity
Netowrks
Networking firm Ubiquiti Networks Inc. discloses a cyber theft of $46.7 million perpetrated spoofing communications from executives at the victim firm in a bid to initiate unauthorized international wire transfers.$46,700,000.00http://www.csoonline.com/article/2961066/supply-chain-security/ubiquiti-networks-victim-of-39-million-social-engineering-attack.html
405/01/2015?BitstampUK-based Bitstamp, the second largest bitcoin exchange operator for US dollars, suspends operations following evidence that online thieves have stolen up to 19,000 BTC, approximately $5.2 million worth, from its operational store of bitcoins$5,200,000.00http://arstechnica.com/security/2015/01/bitcoin-exchange-bitstamp-claims-hack-siphoned-up-to-5-2-million/
529/04/2015?RyanairRyanair confirms to have been targeted in an international scam that siphoned about 5million from its bank accounts. The theft has been carried on through a fraudulent electronic transfer via a chinese bank.$5,000,000.00http://www.independent.ie/business/irish/ryanair-hit-for-millions-of-euro-in-international-chinese-banking-scam-31180849.html
623/11/2015?Five
Unnamed Banks
Group-IB reveals that over the last 5 years criminals in Russia found a way to steal 252 million Rubles ($3.8 million) from five unnamed banks, using a novel technique called a Òreverse ATM attackÓ.$3,800,000.00http://www.forbes.com/sites/thomasbrewster/2015/11/23/visa-mastercard-atm-fraud-hackers-steal-millions-dollars/
727/11/2015?Unknown
Woman
London's Met Police issues a warning after a woman loses £1.6m ($2.4m) in dating scam$2,400,000.00http://www.bbc.co.uk/newsbeat/article/34941257/police-warning-after-woman-loses-16m-in-dating-scam
814/02/2015?BterChina-Based Bitcoin exchange Bter is hacked on Valentine's Day and $1.75 million worth of Bitcoin (7.170 BTC) is stolen$1,750,000.00http://thenextweb.com/insider/2015/02/16/chinese-bitcoin-exchange-bter-hacked-1-75-million-worth-cryptocurrency-stolen/
916/01/2015?Bonnier
Publications
Attackers believed to have originated in China hack into the email of Bonnier Publications CEO Dave Freygang and steal $1.5 million with a fraudulent electronic transfer.$1,500,000.00http://nypost.com/2015/06/16/magazine-publisher-swindled-out-of-1-5-million-in-cyber-fraud/
1030/05/2015?Businessman
in Mahwah
(NYC)
Hackers set their sights on a local businessman In Mahwah (NYC) and obtain enough of his personal information to persuade his bank to wire $240,000 overseas.$240,000.00http://www.databreaches.net/nj-hackers-steal-240k-from-mahwah-businessmans-bank-account/
 

Whereas the corresponding chart needs a logarithmic scale given the size of the Carbanak campaign.

Most Devastating Hacks 2015

Leave a Reply

%d bloggers like this: