GLOBAL finance giant Citigroup is denying reports hackers stole "tens of millions” of dollars from its banking arm Citibank midway through the year.
The Wall Street Journal yesterday reported the money was lost to "malicious software created in Russia” and that the case was being investigated by the FBI.
The Wall Street Journal reported a specialised piece of malware known as "Black Energy” was behind the losses, having been modified to steal banking authentication details.
"There’s a newer, private version of Black Energy that uses plugins to extend its capabilities beyond just DDoS (distributed denial of service), security researcher Joe Stewart told End of sidebar. Return to start of sidebar.
The Wall Street Journal reported that the FBI, the National Security Agency, the Department of Homeland Security and Citigroup exchanged information to counter the attack, which could have begun as long as a year ago.
The hackers, named in The Guardian as the "Russian Business Network”, first gained notoriety several years ago after masterminding a string of hi-tech crimes including identity theft, fraud, spam and child pornography.
Citigroup, the world’s largest financial services company, rejected any suggestion the FBI was investigating an incident and denied that a raid of such proportions had taken place.
"Any allegation that the FBI is working on a case at Citigroup involving a breach of Citi systems resulting in tens of millions of dollars of losses is false,” it said.
"There has been no breach and there have been no associated losses.”
However, Dow Jones & Co spokesman Robert Christie told the Associated Press that The Wall Street Journal stood by the accuracy of its story.
A former member of the World Bank’s security team said he was not aware of the attack, but said criminal groups based mainly in Europe, Brazil and Southeast Asia "consistently targeted” large banks and that the industry was "haemorrhaging funds”.
"Ninety-eight percent of bank heists are now occurring virtually and not in the real world,” he told The Associated Press.