In a Single Night Cybercriminal Gang stole 3.8 million slopes (€ 860,000) from 32 ATMs

Within a single night, attackers stole 3.8 million slopes (€ 860,000) from 32 ATMs that belong to Romania bank Raiffeisen in the year 2016.

Attackers used an infected RTF document file to leverage the Microsoft Word vulnerability and installed the cobalt malware in bank systems and gained control over the bank network.

The ATM looting operation took place between 9 August 2016 and 4 September 2016. On the night of 3/4 September attackers simultaneously withdraws money from different parts of the country.

Bank confirms the customer accounts are safe and they are not affected by the breach.

Also Read Advanced ATM Penetration Testing Methods

According to report attackers gained control over the ATM remotely and instructed all the 32 ATMs remotely to dispense all the money that it had available and had some people in front of the ATM to sit and collect the money.

The operation that occurs within a single night exceeds any robbery ever committed in Romania, 3.8 million lei, about 860 thousand euros reports bzi.

The extremely well-coordinated criminal organization, wearing sunglasses and hooded anoraks waiting for the command, waited for bags and bags in their hands before the Raiffeisen Iasi, Bucharest, Suceava, Timeshare, Constanta, Plitvice, Saxon and Crevedia automats.
At the hands of their leaders, at least a few buttons, 32 cars released them all the money. If more men had been involved with the criminal organization, they could have virtually eliminated all the automatons of the bank.

One of the members of the network was caught in Iasi named Dmitrii Cvasov and the authorities recovered 80,000 lei Out of 3.8 million lei from him.

All these people who took over the cash issued by ATMs were coordinated – either from the group’s command center or from other members of the group.

AddThis Website Tools
Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

CefSharp Enumeration Tool Identifies Critical Security Issues in .NET Desktop Applications

Cybersecurity researchers and red teamers, a newly released tool named CefEnum is shedding light on…

9 hours ago

Russian Hackers Exploit Oracle Cloud Infrastructure to Target Scaleway Object Storage

Russian threat actors have been leveraging trusted cloud infrastructure platforms like Oracle Cloud Infrastructure (OCI)…

9 hours ago

Critical Vulnerability in Netwrix Password Manager Enables Authenticated Remote Code Execution

A critical security vulnerability has been discovered in Netwrix Password Secure, a widely used enterprise…

9 hours ago

Cityworks Zero-Day Vulnerability Used by UAT-638 Hackers to Infect IIS Servers with Shell Malware

Cisco Talos has uncovered active exploitation of a zero-day remote-code-execution vulnerability, identified as CVE-2025-0994, in…

10 hours ago

Researchers Warn of ‘Smiao Network’ Cyber Threat Against Taiwan’s Federal Staff

The Foundation for Defense of Democracies (FDD) and cybersecurity firm TeamT5 has exposed an intricate…

10 hours ago

Vidar and StealC Malware Delivered Through Viral TikTok Videos by Hackers

A sophisticated social engineering campaign that leverages the viral power of TikTok to distribute dangerous…

11 hours ago