Gang steals $45m in world's 'biggest ATM fraud'

Global scam used stolen debit card details and ‘cashing crews’ to withdraw millions from bank machines

David Usborne
Friday 10 May 2013 19:17
Cells in cities in more than 20 countries used cloned cards to withdraw $45m in two co-ordinated attacks
Cells in cities in more than 20 countries used cloned cards to withdraw $45m in two co-ordinated attacks

Investigators in the US and several other countries, including Britain, have cracked open a vast cash machine scam which yielded $45m (£29m) for its perpetrators scattered around the globe, making it one of the largest and most brazen bank heists ever seen.

Even as they offered details of the conspiracy, prosecutors conceded that some of it read like a film script – such as the revelation that the man believed to have led the New York end of the operation was found dead in the Dominican Republic, with an envelope containing $100,000 in cash untouched at his side.

Eight men in Manhattan have been charged over the conspiracy, including the dead man, while two Dutch citizens, a man and a woman, were arrested last night in Germany. While the scale and reach of the thefts are remarkable, it is the way they were executed that is most startling, proving again that just as fast as the world’s banks move to bolster their electronic security systems, so the criminal underworld is working just as swiftly to find ways to corrupt them.

Loretta Lynch, a US prosecutor in the case, said: “In the place of guns and masks, this cyber-crime organisation used laptops and the internet. Moving as swiftly as data over the internet, the organisation worked its way from the computer systems of international corporations to the streets of New York City, with the defendants fanning out across Manhattan to steal millions of dollars from hundreds of ATMs in a matter of hours.”

If the criminal operation was clever it was also global, and the men arrested in the US this week represent only a small part of it. Its inception involved computer hackers who infiltrated the networks of a credit-card processing company in India and the National Bank of Ras Al-Khaimah in the United Arab Emirates. They then allegedly raised the daily withdrawal limits on a number of debit cards.

According to the charges filed in court in New York, “even a few compromised bank account numbers can result in tremendous financial loss to the victim financial institution”.

Information about the compromised accounts was shared with conspiracy leaders in 20 countries, who encoded it on to fake debit cards. Those cards were then given to so-called cashing crews, who physically withdrew cash from ATMs.

The operation was repeated in February, targeting a different processing company and bank. In that round, US officials say, $40m was taken.

Almost a subplot, meanwhile, is the killing on 27 April in the Dominican Republic of Alberto Lajud-Peña, 23, identified by prosecutors as the leader of the New York crew. Known on the street as “Prime” and “Albertico”, he is believed to have fled the US as the police closed in. He is said to have died when hooded gunmen burst into an apartment where he was playing dominoes. They left the envelope of cash, but investigators do not know if his murder is related to the case.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in