Cybercriminals 'drained ATMs' in $45m world bank heist

A gang of cybercriminals stole $45m (£29m) by hacking into a database of prepaid debit cards and draining cash machines around the world, US prosecutors say.

Seven people have been charged in New York over the heist, which allegedly stretched across 26 countries.

An eighth suspect is thought to have been murdered in April.

The network used fake cards to target banks in the United Arab Emirates and Oman, court documents said.

Prosecutors said law enforcement agencies in Japan, Canada, the UK, Romania and 12 other countries were involved in the investigation.

Arrests had been made in other countries, they said, although details were not released.

"The defendants and their co-conspirators participated in a massive 21st Century bank heist that reached across the internet and stretched around the globe," Loretta Lynch, US Attorney for the Eastern District of New York, said in a statement.

"In the place of guns and masks, this cybercrime organisation used laptops and the internet."

Members of the scheme allegedly hacked computer systems to steal data on prepaid debit cards. The cards are pre-loaded with funds rather than being linked to a bank account or a line of credit.

They cancelled withdrawal limits and distributed information to accomplices referred to as "cashers" around the world.

The cashers then loaded other magnetic stripe cards, such as gift cards or old hotel keys, with the stolen data and used them to withdraw huge sums.

The first alleged raid took place at the Rakbank in the UAE in December. Criminals were able to conduct 4,500 transactions worth $5m across about 20 countries.

Prosecutors believe the group broke into the Bank of Muscat based in Oman in February. In the space of 10 hours, casher cells withdrew $40m in 36,000 transactions from ATMs in 24 countries.

According to the indictment of the New York defendants, they quickly moved to launder their cash, opening a Miami bank account and pouring money into cars, including a Porsche and a Mercedes, and Rolex watches.

Seven people have been arrested and face charges of conspiracy to commit access device fraud and money laundering.

The accused ringleader of the cell was reportedly murdered in the Dominican Republic just weeks earlier, prosecutors said.

"Our message is clear. Law enforcement should not stand by as cybercriminals target our global financial system for their own ends," Ms Lynch told reporters.

She added that the attack was the "largest theft of this type that we have yet seen".