Three foreigners have been arrested in Taiwan after thieves made off with $2.5 million from ATMs around the country.
In what’s believed to be the first incident of its kind in the south-east Asian nation, criminals from eastern Europe and Russia are said by police to have used malware to infiltrate cash machines run by First Commercial Bank.
The three suspects were arrested in the capital Taipei and north-east Taiwan, with around half the money recovered.
However, 13 other suspects are thought to have already fled the country, presumably taking the stolen funds with them, according to the BBC.
Masked thieves are apparently seen on CCTV footage walking away from dozens of ATMs around the country with bags of cash.
It’s not clear how the heist was carried out although it appears to have been a highly professional job.
"This is the first time that an international team of ATM thieves has committed a crime in Taiwan," the head of the Criminal Investigation Division, Lee Wen-chang, is quoted as saying.
It may have been a first for Taiwan but the incident is certainly not the first of its kind in the region.
In May, criminals managed to steal a 1.4 billion yen ($12.7m) from Japanese ATMs in a highly co-ordinated raid on over 1000 convenience store ATMs.
It’s believed that in that case, fake cards cloned from data stolen from a South African bank were to blame.
It’s not just ATMs in Japan and Taiwan that are at risk of abuse, however. A Kaspersky Lab report from April warned that virtually every cash machine in the world can be illegally accessed – either because of physical security shortcomings or software issues.
Many, for example, still run Windows XP and XFS – an outdated standard allowing the ATM PC to connect with the rest of the banking infrastructure – making them easy to exploit via malware attacks.
In addition, many ATMs are architected so that it’s easy for criminals to reach the PC or network cable inside, enabling them to send new commands to the machine.
The incidents highlight that banks need to approach security in a more holistic manner, locking down risk offline as well as online.