# $46.7 Million Stolen From Networking Firm Ubiquiti in Unidentified Hack



## MannDude (Aug 11, 2015)

The full story can be read here: http://www.hakspek.com/security/46-7-million-stolen-from-networking-firm-ubiquiti-in-unidentified-hack/

It appears their finance department was specifically targetted and that staff fell victim to phishing attacks in which they gave up account information that allowed the attackers access to transfer millions of dollars to multiple overseas bank accounts.



> Embarrassingly, the fake emails had convinced ignorant employees into turning over their usernames, passwords and account numbers. This allowed the attackers to be able to transfer funds ($46.7 million to be exact) out of a Ubiquiti subsidiary in Hong Kong in to multiple overseas accounts that the hacker was in possession of.


Ubiquity was able to recover _some _of it's money, but only a small fraction. This was a massive attack.



> It was able to recover approximately $8.1 million of the money that the hacker stole, and Ubiquiti strongly believes it will be able to get back at least an additional $6.8 million more. The company is working with US and overseas law enforcement agencies to retrieve the remaining $31.8 million still missing.


It's bizarre to think so much could be stolen and so little recovered. I'm curious now to know what the largest attacks like this have been and what was recovered from them. $46,700,000 is no chump change...

Read more at the URL above.


----------



## Hxxx (Aug 11, 2015)

wooooooooooooooooooooow


----------



## MannDude (Aug 11, 2015)

> wooooooooooooooooooooow



Hi Hxxx, this is Jason from corporate. We're doing an audit of all finance staff's security credentials to ensure they're up to par with our security guidelines. I'm about to head out to lunch but I'm going to need your username and password that you use to overlook the finance records. I'm swamped with emails now from other staffers responding to this so if I do not respond please take it as a sign that everything is okay. If any changes need to be made I'll respond to you and let you know promptly as well as to what updates must be made.

Thanks for your cooperation!

-Jason Alexander
Head of Corporate Password Security


----------



## DomainBop (Aug 11, 2015)

MannDude said:


> *Ubiquity* was able to recover _some _of it's money, but only a small fraction. This was a massive attack.



Ubiquiti (large publicly traded maker of networking equipment) not Ubiquity (webhosting company, Nobis Tech, blocked in all my firewalls for years)

-----

This hack was originally disclosed in their quarterly filing with the SEC. https://www.sec.gov/Archives/edgar/data/1511737/000157104915006288/t1501817_8k.htm

From their SEC filing:



Quote said:


> *Item 8.01             Other Events.*
> 
> Business Fraud
> 
> ...


Krebs had an article on this a few days ago: http://krebsonsecurity.com/2015/08/tech-firm-ubiquiti-suffers-46m-cyberheist/


----------



## RA4W (Aug 13, 2015)

That's a huge amount of money.


----------



## Profuse-Jim (Aug 13, 2015)

Dang!


----------



## drmike (Aug 13, 2015)

Sounds like Mikrotik got mad about the competition / study results that showed Ubiquiti crushed them in performance.


----------



## IntroVex-Kamran (Aug 13, 2015)

I have to say that's one amazingly successful hack. I wouldn't expect employees to have fallen victim to phishing attempts, but I stand corrected.

Good luck to Ubiquiti in regaining their "lost" funds.


----------



## HalfEatenPie (Aug 13, 2015)

RA4W said:


> That's a huge amount of money.



Naw it's just pocket change.



drmike said:


> Sounds like Mikrotik got mad about the competition / study results that showed Ubiquiti crushed them in performance.



Totally unrelated.  I love Mikrotik!  

In other news, people should really learn more about social engineering...  seems like they fell trap to it.


----------



## RA4W (Aug 17, 2015)

HalfEatenPie said:


> RA4W said:
> 
> 
> > That's a huge amount of money.
> ...


For some people maybe :X


----------



## eva2000 (Aug 17, 2015)

hmmm.. i think if they did what my bank does with any money transfers needing a SMS txt verification code - might have been more protected ?


----------

