Five Arrested for Hacking 41 ATMs and Stealing $2.5m in Taiwan

According to a press release from Europol, law enforcement in Europe and Asia ran a “complex operation” that resulted in five arrests. Three separate law enforcement agencies made the arrests after collecting intel during the year-long investigation into “an organized criminal group.” The European and Asian law enforcement agencies involved—agencies in Romania, Belarus, and Taiwan—successfully convicted three of the five suspects.

The so-called organized crime group required a year-long investigation from international law enforcement—simply to bring down five suspects. According to the press release, the group carried out highly-sophisticated attacks against financial institutions. Romania routinely hosts notable hackers and especially financially motivated hackers. Just last year, one of the most well-known Romanian hackers, Mircea-Ilie Ispasoiu, faced charges in the US for computer hacking. Romanian authorities extradited him to the US where he now serves three years in prison.

From a DeepDotWeb article that explained Ispasoiu’s hacking offenses in the US:

“Ispasoiu was employed as a computer systems administrator at a large financial institution in Romania, court documents revealed. While working as a sysadmin, Ispasoiu began hacking organizations, companies, and private individuals. Between August 2011 and February 2014, the hacker breached database of retailers and medical offices.

Of these breaches, the indictment names several significantly impacted victims. The Grand Jury is aware of a restaurant in Montclair, New Jersey; a car dealership in North Brunswick, New Jersey; a medical office in Phoenix, Arizona; and a large security firm operating across the US.”

Romanian carders with magnetic card readers and the entire carding setup made the news on a routine basis as well, albeit of lesser significance than this operation.

In this case, the Romanian National Police made one arrest, the Taiwanese Criminal Investigation Bureau made three, and the Belarusian Central Office of the Investigative Committee captured the last suspect.

However, the most important piece seemed to be the role Taiwanese-dynamic played on the entire scheme. Most importantly, the location of the thefts. The group stole from 41 ATMs at 22 different branches of Taiwan’s First Commercial Bank. Officials in Taiwan believe the group consisted of 21 individuals. That number included three that the Taiwanese officials already sentenced to five years in prison. The group of hackers used malware to gain access to all 41 ATMS from July 9 to July 10. Then the men split into groups of two, physically accessed the ATMs and, according to the police, left within 10 minutes carrying bags filled with cash.

Japanese media explained that 22 suspects entered the city but only 19 left. And according to Bleeping Computer, the three that the group left behind served as mules. The other 19 suspects carried some money, but the three in Taiwan faced the daunting task finding a way to leave Taiwan with the bulk of the cash. That never happened. The banks recovered 93% of the money, Taiwanese media claimed.

Presiding judge Liao Chien-yu (廖建瑜) named ten more suspects spread throughout Russia and Romania. Officials passed the names and information on to relevant authorities.