The group that orchestrated the theft of over $2 million from cash machines at Taiwan's First Commercial Bank in July was also behind an ATM hacking spree in more than a dozen European nations last year, according to cyber security firm Group-IB.
The methods that the so-called Cobalt group used in Europe matched those used in Taiwan, Group-IB said in its latest client report.
Three Eastern European men were arrested in Taiwan in July on suspicion of collecting cash stolen from ATMs owned by First Commercial Bank, a unit of First Financial Holding Co Ltd.
Attorneys for the three defendants in an ongoing trial in Taipei told Reuters their clients were not familiar with Cobalt.
The men - identified in court documents as Peregudovs Andrejs of Latvia, Colibaba Mihail of Romania and Pencov Nicolae of Moldova - were among a total of 22 individuals, all foreign nationals, that Taiwanese authorities suspect of taking part in the theft, where most of the money was subsequently recovered.
The suspects used malware dubbed "ATM spitter" in the First Commercial Bank attacks, as well as similar hacks in countries including Armenia, Belarus, Britain, Bulgaria, Estonia, Georgia, Kyrgyzstan, Moldova, the Netherlands, Poland, Romania, Russia and Spain, Group-IB said in a report to its customers that Reuters reviewed on Thursday.
Group-IB first detailed the European spree in a report published in November, identifying the hackers as the Cobalt group.
The firm linked Cobalt to the Taiwan heist in its report last week.
Investigators in Taiwan told Reuters they were not aware of any links between Cobalt and the hackers behind the First Commercial Bank heist.
"What we can say is the people behind this hacking were very good," a Taiwanese investigator familiar with the case told Reuters, on condition of anonymity because the investigator was not authorised to speak with media.
The defendants, who maintain their innocence, said in a court hearing on Wednesday that they were not members of any international crime organization. Taipei prosecutors have said they suspect First Commercial Bank's network was breached at a London branch office.
Reuters
Thu Jan 05 2017
REUTERS/Pawel Kopczynski/Files
Kontroversi UM: Sarjana ‘berkualiti rendah’ tak patut dijemput - PM Anwar
Anwar menyindir ahli akademik AS yang terbabit dalam kontroversi pro-Israel sebagai sarjana berkualiti rendah dan tidak mempunyai pencapaian luar biasa atau istimewa.
Agong, Raja Permaisuri zahir ucapan Ulang Tahun Keputeraan kepada Sultan Terengganu
Ucapan itu dizahirkan Seri Paduka Baginda berdua menerusi poster yang dimuat naik di Facebook Sultan Ibrahim Sultan Iskandar hari ini.
Ada wajah kita tak mahu berpisah, tapi terpaksa melepaskannya - Datuk Red
Menerusi perkongsian itu, Adnan mengatakan ada perkara yang dia terpaksa reda dan menerima takdir yang sudah tertulis untuknya.
Komen jelik nahas helikopter Lumut, peniaga didenda RM23,000
Seorang peniaga dalam talian didenda RM23,000 di Mahkamah Sesyen di sini, selepas mengaku bersalah atas tuduhan memuat naik komen jelik berhubung nahas helikopter TLDM.
Bursa Malaysia dibuka rendah, jejaki prestasi Wall Street
Pada 9.10 pagi, FTSE Bursa Malaysia KLCI (FBM KLCI) susut 2.29 mata kepada 1,566.96 daripada 1,569.25 ketika ditutup pada Khamis.
AWANI Ringkas: Pesawat ringan mendarat cemas di Subang
Ikuti rangkuman berita utama yang menjadi tumpuan sepanjang hari di Astro AWANI menerusi AWANI Ringkas.
Cambodia Airways mulakan penerbangan terus Phnom Penh-Kuala Lumpur
Syarikat penerbangan Kemboja, Cambodia Airways, secara rasmi memulakan penerbangan terus dari ibu negaranya, Phnom Penh ke KLIA pada Khamis.
Semangat baharu bina ekosistem inovasi lebih dinamik
Perbadanan Pembangunan Teknologi Malaysia, MTDC meneruskan kesinambungan dalam memacu pembangunan teknologi negara, dengan melancarkan Citra MTDC, untuk mewujudkan ekosistem inovasi yang lebih dinamik.
Polis tahan guru disyaki liwat tiga pelajar
Tiga pelajar tahfiz dipercayai menjadi mangsa seks luar tabii apabila didakwa diliwat seorang guru agama dari pusat tahfiz berkenaan sejak dua tahun lalu.
Rumah Terbuka Aidilfitri Selangor di KKB langgar Akta - Bersih
Penganjuran Rumah Terbuka Aidilfitri Peringkat Negeri Selangor yang akan dianjurkan di Pekan Kuala Kubu Bharu Sabtu ini, boleh bercanggah dengan banyak peruntukan dalam Akta Kesalahan Pilihan Raya 1954 (AKPR).
Tiada apa yang boleh lindungi kita daripada intipan NSA -- pakar
Kegiatan pengintipan, yang didakwa dilakukan Agensi Keselamatan Nasional (NSA) Amerika Syarikat, terhadap Malaysia tidak dapat dihalang.