Three suspects arrested in Maltese bank cyber-heist

Suspects used stolen funds to buy Rolex watches, along with a Jaguar and an Audi A5.

Belfast arrest

Image: NCA

Special feature

Special report: A winning strategy for cybersecurity (free PDF)

This ebook, based on the latest ZDNet/TechRepublic special feature, offers a detailed look at how to build risk management policies to protect your critical digital assets.

Read More

British police have arrested yesterday three individuals that they believe are involved in the February 2019 hack of Bank of Valletta (BOV), one of Malta's biggest banks.

National Crime Agency (NCA) officers arrested two males, aged 22 and 17, in London, and a third suspect, a 39-year-old male in Belfast, Northern Ireland.

The three were arrested on money laundering charges. At the time of writing, it is unclear if the three orchestrated the Malta BOV cyber-heyst, or were just helping the hackers launder the stolen funds.

The Malta BOV hack

The Bank of Valletta cyber-heist took place on February 13, 2019. Using malware planted on the bank's internal servers, hackers transfered €13 million ($14.7 million) from the bank's internal systems to accounts in the UK, the US, the Czech Republic, and Hong Kong.

The heist was discovered the next morning BOV employees came to work, during daily reconciliation operations of international transfers, when they spotted the unauthorized large transactions that took place during the night.

Within 30 minutes after discovering the unauthorized operations, the bank closed all its branches, shut down its ATM and point-of-sale systems, along with its website and e-banking servers.

The bank then immediately started contacting banking partners seeking to reverse the unauthorized transactions. It was never disclosed how much of the stolen funds the bank managed to recover.

Malta bank didn't recover all the money

According to the UK NCA, around £800,000 (€950,000 / $1 million) reached the bank accounts of the three suspects.

Within hours of receiving the stolen funds, and before BOV could reverse the transaction, the NCA says the three suspects carried out a series of card payments and cash withdrawals totaling £340,000 (€340,000 / $445,000).

"They included payments to high end stores such as Harrods and Selfridges in London, around £110,000 spent on Rolex watches at a store in London, and payments for a Jaguar and Audi A5 from a car dealership," the NCA said in a press release.

Besides the three arrests, UK police said they also interviewed under caution a fourth male, from London, and are also still seeking a number of other suspects in connection with the investigation.