Hackers steal $5 million from Ryanair's bank account
All of us dread the prospect of having our personal bank accounts hacked.
But imagine what it must be like for a company to have its business bank account plundered by hackers for millions of dollars?
According to reports, controversial budget airline Ryanair has fallen victim to hackers who managed to steal Ã¢â€šÂ¬4.6 million (almost US $5 million) via a fraudulent electronic transfer to a Chinese bank last week.
The Irish Times reports that Ryanair uses dollars to buy fuel for its fleet of Boeing 737 aircraft, and it is believed that these were the funds which the hackers were able to gain access too. Presumably large amounts of cash are spent purchasing fuel from such accounts, and that’s why no alarm was raised as 4.6 million was transferred from the account.
Whether, of course, large payments for fuel is often made via Chinese banks is information that I’m not privy too – but apparently that’s where at a least one bank transfer did end up going.
Who was behind the assault on Ryanair’s bank account is currently a matter of pure speculation. Just because a Chinese bank was involved does not necessarily mean that Chinese criminals were behind the attack.
Additionally, no details of how the hack was perpetrated have been made public, although in a statement the airline says that it has taken steps to prevent a reoccurrence:
“Ryanair confirms that it has investigated a fraudulent electronic transfer via a Chinese bank last week. The airline has been working with its banks and the relevant authorities and understands that the funds – less than $5 million – have now been frozen. The airline expects these funds to be repaid shortly, and has taken steps to ensure that this type of transfer cannot recur.”
Earlier this month, IBM security researchers published details of a criminal campaign dubbed “Dyre Wolf” that successfully stole more than $1 million from targeted businesses. In that campaign, hackers infected workers’ computers with malware and tricked them into ringing a live phone operator (working for the gang) who could socially engineer credentials and wire large sums of money out of the business’s account.
Although a fairly crude technique, it does successfully circumvent commonly-used defences such as two-factor authentication.
Of course, it’s not known if this was the technique used by the criminals who attacked Ryanair.
Personally I think it’s a shame that Ryanair hasn’t been able shed more light on the details of how the hack might have occurred, or what steps it might have taken to prevent it from happening again. After all, that would no doubt be information which could prove useful to other organisations which wish to protect themselves from similar criminal activity.
After all, if the airline has been able to fix the problem so quickly it would presumably be simple for other organisations to make sure that they were taking similar precautions or proactive steps to avoid falling to the same fate.
Ryanair became aware of the fraud on Friday, and Dublin’s Criminal Assets Bureau has been working with its counterparts in Asia to try to recover the money.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
Mobile security threats: reality or myth?
June 13, 2021
FOLLOW US ON
You might also like
July 23, 2021
July 22, 2021
July 20, 2021