A Fuel Distributor in North Carolina Ravaged by $800,000 Cyberheist

Posted
Home / Blog / IT security news / A Fuel Distributor in North Carolina Ravaged by $800,000 Cyberheist
A Fuel Distributor in North Carolina Ravaged by $800,000 Cyberheist

Cybercriminals targeted a North Carolina fuel distribution firm and made away with more than $800,000. Neither the victim nor their bank noticed the criminals stealing the money for five long days. They only became aware of the crime after being alerted by a reporter. Had both parties been vigilant of the modern type of cybercrimes, the loss would certainly have been much less.

J.T Alexander & Sons Inc. which is based in Mooresville, N.C was targeted by cybercriminals on May 1st. On that day, the criminals stole by sending $5,000 and $10,000 lumps to mules. The money was sent to ‘work-from-home’ mules that were to help the criminals in the laundering process. The criminals operated a sophisticated system whereby they paid their mules through automated clearing house (ACH). The payment was in batches deducted from the payroll of J.T Alexander.

Investigators established that the criminals conducted this malicious crime several times. They were sending the stolen funds through the corrupted ACHs to mules who were over 60. A number of the mules had been recruited by a notorious Eastern Europe cybercrime gang based in Ukraine and Russia. Some cybercrime security experts refer the gang as ‘BackOffice Group’. This gang has been very prolific and has been involved in major cyber crimes spanning over four years. The gang can be tied to the $1.03 million theft which targeted a Washington State-based nonprofit making hospital.

According to David Alexander who is the oil firm’s president, the loss of the funds was quite colossal and quite painful. He, however, added that the firm was working on ways it could recover some of the stolen money. The company pays its 15 employees through the ACH system every two weeks. A normal J.T Alexander payroll batch totals to utmost $30,000. It is unnerving to see how the hackers managed to steal cash worth more than a year’s salaries using this seemingly safe system.