Cybercrooks used a Trojan to steal more than EUR500,000 in just one week from the customers of a European bank, says security firm Kaspersky Lab.
More than 190 customers, mostly from Italy and Turkey, of the unnamed bank had money stolen in the campaign, dubbed Luuuk, in January.
Kaspersky says that on 20 January it detected a command and control server which had evidence of the Trojan in its control panel. The server also had transaction logs containing information about which sums of money were taken from which accounts.
The Trojan enabled crooks to intercept financial data automatically with money stolen as soon as victims logged into their accounts. The money was then parcelled out to mules who cashed out at ATMs.
Kaspersky says that within two days of its discovery of the server, the gang removed every shred of evidence that might be used to trace them. However, the firm warns, this is unlikely to be the end of the Luuuk campaign.