Cyber stakeout at Illinois nursing home yields $170,000

A $170,000 cyberheist against an Illinois nursing home provider demonstrates how large financial institutions are being leveraged to target security weaknesses at small to regional banks and credit unions, reports Brian Krebs. Crooks logged into Niles Nursing Inc.’s online banking accounts using the controller’s credentials and tunneling their connection through his hacked PC. The miscreants added “mules,” individuals recruited to help launder stolen funds, to Niles’ payroll. The mules were sent automated clearing house payments totaling more than $58,000, withdraw those transfers in cash and wired the money to individuals in Ukraine and Russia. In total, the attackers appear to have recruited at least two dozen mules to help haul the stolen loot. All but two of the mules used or opened accounts at four out of five of the nation’s top U.S. banks, including Bank of America, Chase, Citibank, and Wells Fargo.