The UK’s National Crime Agency (NCA) have arrested a total of six men as part of an investigation into the hack of a Maltese bank in February 2019.
The Maltese Bank of Valletta (BOV) shut down all of its operations in February 2019 – closing all its branches, and disabling its cash machines, website, email, and mobile banking services – after hackers attempted to access 13 million Euros
An NCA press release describes how malware was used to access the bank’s systems and illegally move funds into accounts held in other countries. One of those accounts, according to the NCA, was located in Belfast and received £800,000:
“In the following hours a number of card payments and cash withdrawals totalling £340,000 were made from the account before a block could be put on them.”
“They included payments to high end stores such as Harrods and Selfridges in London, around £110,000 spent on Rolex watches at a store in London, and payments for a Jaguar and Audi A5 from a car dealership.”
Maltese authorities informed the NCA, who began an almost year-long investigation which culminated in the following:
22 January: Two males, aged 22 and 17, arrested in raids in West Hampstead and Ladbroke Grove areas of London. An additional male was interviewed under caution.
30 January: Search warrants executed in the north and west Belfast areas, with one 39-year-old man arrested on suspicion of money laundering offences, fraud and theft.
30 January: A 33-year-old man arrested at Heathrow airport as he returned to the UK from China, on suspicion of money laundering offences, fraud and theft. He has been questioned and bailed pending further enquiries.
31 January: Two men, aged 23 and 24, were arrested on suspicion of money laundering offences, fraud and theft, after handing themselves in to a police station in Belfast.
The NCA released footage of some of the arrests on Twitter:
Last week officers arrested two males in London.
Today NCA officers, supported by officers from the @PoliceServiceNI, executed two warrants in the north and west Belfast areas, arresting a man on suspicion of money laundering offences, fraud and theft. pic.twitter.com/SBKYsyaSNn
— National Crime Agency (NCA) (@NCA_UK) January 30, 2020
Notably, at this stage at least, none of the arrests appear to be related to the actual hack itself and the usage of the malware which infected BOV’s systems. That in itself may not be surprising as it is common today for cybercriminal gangs to be split into different groups – the people writing the actual malware, for instance, may be different from those laundering the money.
The NCA says its investigation continues.