14 DAY TRIAL // Millions in a bank account belonging to Ryanair, an Irish low-cost airline, were transferred in a fraudulent transaction to a bank in China.
Details of how the attack was possible remain under wraps, but the company says that the hit had no less than €4.6 / $5.14 million funneled to the foreign bank last week.
The involvement of a Chinese bank does not necessarily mean that the perpetrators are from this country. In many business email scams the companies are tricked to make transfers to banks in Hong Kong, where members of the cyber gang would withdraw the money.
Payment diversion fraud or banking Trojan
The funds illegally sent to China are believed to have been taken from an account used for buying fuel for the company’s Boeing 737 aircraft.
Payment diversion fraud, or business email compromise (BEC) scams, are a sophisticated method used by crooks to redirect a company’s payment for a supplier to a different bank account than the regular one.
On Tuesday, as a result of an operation involving Europol and the FBI, 10 individuals from Nigeria were arrested for laundering money obtained through this sort of activity.
The total losses were estimated by the authorities at €2.5 / $2.74 million and were incurred by tens of businesses and hundreds of individuals.
At the beginning of the month, researchers at IBM discovered a sophisticated operation dubbed Dyre Wolf that relied on Dyre banking Trojan to attack companies making large money transfers on a regular basis.
It is unclear if Ryanair fell victim to either of the two types of attacks, though.
Perpetrators have not been identified
At the moment, the identity of the authors of the Ryanair hit remains unknown, although an investigation has been started. It appears that quick coordination with authorities and the partner banks led to freezing the money, thus preventing the perpetrators from getting away with it.
According to the Irish Times, the Criminal Assets Bureau in Dublin may have used its connections with agencies in Asia tasked with similar responsibilities to track the funds.
The airline is expecting the funds to be recovered in a short amount of time and has taken the necessary steps to make sure that similar incidents are avoided in the future.