This allegedly started in 2011, when several accounts at banks such as: Citibank, JP Morgan Chase, PayPal, US Military Defense Finance, and 11 other banks had their accounts compromised. Once inside these accounts, the hackers set up a payment that was sent to multiple prepaid debit cards. The prepaid cards were then used by an achievement (also known as “tellers” or “money mules”) to make ATM withdrawals or purchases to convert the card to cash.

From there, tellers kept a small portion and sent most of the money to their employer via bank transfer.

They managed to avoid detection for some time by keeping transfers below the $10,000 threshold set by US anti-money laundering laws. However, they routinely made payments of $9,900. A $10,000 transaction sends up a big red flag, a $9,900 transaction sends up a smaller red flag. It is these multiple transfers of $9,900 along with a Gmail account that the defendants use to talk to others about the scheme that brought them down. In addition to the discussion of the scheme, there were many emails in this account detailing transfers to and from many of the banks. Currently only four (4) of the eight (8) defendants are in custody, the other four (4) remain at large. They are charged with: conspiracy to commit wire fraud, conspiracy to commit money laundering, and conspiracy to commit identity theft. If convicted, each of the defendants will face large fines and up to 55 years in federal prison.

It is still unclear how these eight managed to hack into these banks, but there is another case known as Trident Breach that used similar techniques. The hackers used a computer virus known as “ZeuS” to hack into more than 400 different companies and organizations and made off with more than $70,000,000 (seventy million dollars). This virus helped the perpetrators to gain access to the victim’s bank accounts. They would then divert the money and transfer it to their tellers’ bank accounts. The Trident Breach was conducted by foreign students who lived in the United States and had student visas. These ATMs would then send the money to Eastern Europe via wire transfer services or MoneyGram. MoneyGram and money transfer services are one-way streets. Once the funds are sent, they cannot be recovered. They are gone, never to be seen again.