A brazen $3 million heist from the ATMs of Bangladesh's Dutch-Bangla Bank has been traced to Russian-speaking cybergang Silence, a sure sign that the criminal network is branching out from its home country.
Forensic security intelligence firm Group-IB says the attack in late May bears all the hallmarks of Silence, who have gained international notoriety for their ATM jackpotting thefts.
The firm suggests that the cyber-crime gained access to the bank's infrastructure through a phishing e-mail, unlocking access to the ATM network through a remote proxy server.
The final stages of the attack were caught on CCTV footage, which showed two Ukrainian money mules withdrawing large wads of cash in stages from a bank ATM, each time making phone calls to a third party before beginning the process again.
Rustam Mirkasymov, Group-IB threat intelligence expert, says: "What we see now is that Silence is continuing to shift their focus from the CIS and neighbouring countries to international markets. Having tested their tools and techniques in Russia, Silence has gained the confidence and skill necessary to be an international threat to banks and corporations. Asia particularly draws cybercriminals’ attention. Dutch-Bangla Bank is not the first Silence’s victim in the region. In total, we are aware of at least four targets Silence has attacked in Asia recently."