Up to 100 banks and financial institutions worldwide have been attacked in an “unprecedented cyber robbery”, claims a new report.
Computer security firm Kaspersky Lab estimates $1bn (£648m) has been stolen in the attacks, which it says started in 2013 and are still ongoing.
A cybercriminal gang with members from Russia, Ukraine and China is responsible, it said.
Kaspersky said it worked with Interpol and Europol on the investigation.
It said the attacks had taken place in 30 countries including financial firms in Russia, US, Germany, China, Ukraine and Canada.
“These attacks again underline the fact that criminals will exploit any vulnerability in any system,” said Sanjay Virmani, director of Interpol’s digital crime centre.
Kaspersky said the gang’s methods marked a new stage in cyber robbery where “malicious users steal money directly from banks and avoid targeting end users”.
The gang, which Kaspersky dubbed Carbanak, used computer viruses to infect company networks with malware including video surveillance, enabling it to see and record everything that happened on staff’s screens.
In some cases it was then able to transfer money from the banks’ accounts to their own, or even able to tell cash machines to dispense cash at a pre-determined time of day.
Kaspersky said on average each bank robbery took between two and four months, with up to $10m stolen each time.
“It was a very slick and professional cyber robbery,” said Kaspersky Lab’s principal security researcher, Sergey Golovanov.
The Financial Services Information Sharing and Analysis Center, a body that alerts banks about hacking activity, said that its members had received a briefing about Kaspersky’s report in January.
“We cannot comment on individual actions our members have taken, but on balance we believe our members are taking appropriate actions to prevent and detect these kinds of attacks and minimise any effects on their customers,” it said in a statement.