UK police arrest three over Maltese cyber bank robbery

The UK’s National Crime Agency (NCA) has made three arrests in Belfast and London after an investigation into money laundering following the February 2019 cyber heist on the Bank of Valletta (BoV) in Malta.

The original incident took place on 13 February 2019 when hackers used a strain of malware to access BoV’s IT systems. Employees noticed the intrusion when they were finalising the daily reconciliation of international money transfers.

The bank immediately moved to shut off all its IT systems and closed its branches, ATMs and point-of-sale devices, website, and online banking servers.

However, the hackers were still able to transfer €13m to bank accounts in Czechia, Hong Kong, the UK and the US.

The NCA said that approximately £800,000 was received by a bank account held in Belfast, and shortly afterwards, card payments and withdrawals adding up to £340,000 were made.

The criminals spent at high-end London stores including Harrods and Selfridges, blew £110,000 on Rolex watches at a third store, and put down payments on a Jaguar and an Audi A5.

The subsequent joint investigation by the Maltese authorities and the NCA resulted in the arrest of two men aged 22 and 17 in West Hampstead and Ladbroke Grove on 23 January 2020.

On 30 January, the NCA and Police Service of Northern Ireland officers executed two warrants in Belfast and arrested a 39-year-old man on suspicion of money laundering, fraud and theft. Several other suspects are still being sought.

“Our 12-month investigation, carried out with the help of the Malta Police Force Economic Crime Unit, has focused on a number of individuals we suspect may have been involved in laundering money on behalf of the organised crime group who carried out the cyber attack,” said NCA Belfast branch commander, David Cunningham.

“This has led us to the arrests in London last week and Belfast today, and our investigation continues. This operation demonstrates the reach of the NCA, both domestically and internationally.

“Working with our law enforcement partners at home and overseas we are determined to do all we can to target and disrupt those involved in organised crime, here in Northern Ireland and across the rest of the UK,” said Cunningham.

The NCA has scored a series of significant wins against cyber criminals in recent weeks. On 17 January, it worked with a number of international partners to take down the WeLeakInfo website, which made available over 12 billion personal credentials gleaned from over 10,000 leaks and data breaches.

Its investigative work also led to the December 2019 indictment of two Russian citizens for their role in the dissemination of the Bugat (or Dridex) and Zeus banking trojans.

In addition to its high-profile activities, it has also conducted more mundane police work targeting small time cyber criminal activity. Earlier in January, a Southwark man was sent to prison for nine months for his role in an attack on National Lottery operator Camelot, but rather than spending lavishly on luxury goods, the perpetrator netted himself just £5.