The National Court has imposed a sentence of four and a half years in prison on Denis Katana, a Russian hacker, who pleaded guilty to multiple crimes of remote robberies.

From his home in Alicante, Katana infected the computer systems of banks across the world managing to defraud them of 5 million euros in the process.

The defendant pleaded guilty of creating a malicious program with which, from his home in Alicante, he infected the computers of hundreds of banks in different countries of the world, allowing him to manipulate ATMs remotely to extract money which the prosecution claimed was in excess of five million euros. The money was then laundered as he purchased bitcoins.

Katana, accepted the sentence of three years in prison for a crime of computer fraud, six months for integration into a criminal group, another six months for falsification of a public document and another six months for money laundering, the final offence for which he is also required to pay a fine of six million euros. His partner accepted the penalty of six months in jail and a fine of 300,000 euros for money laundering.

In delivering the sentence the judge said that it was purposely much more lenient than it might otherwise have been as the defendant had been fully cooperative throughout the proceedings.

The investigation began following information from the Belgian authorities about the existence of an organisation dedicated to the fraudulent extraction of money from banks around the world, through malicious programs (malware) that they sent by email to bank employees, pretending to be from the companies with which they worked. Once the employee opened the mail, the program infected the complete computer system, allowing them to control bank accounts and ATMs remotely, modifying the limit of certain accounts and directly accessing the cashiers system. Later, they extracted money by sending remote orders so that at a certain time the money would be dispensed.

Using this system, called “Cobalt”, the organization obtained cash from ATM’s all over the world. Thus, in coordination with a number of accomplices, he managed to introduce the malicious program to banks including the First Commercial Bank of Taiwan.

On July 9 and 10, 2016, several people who had subsequently travelled to Taiwan, were able to make various cash withdrawals at the bank’s ATMs for an amount greater than 2.6 million US dollars. However, the Taiwanese authorities managed to arrest two people and recover almost all of the proceeds. In Spain, the banks attacked were Sabadell and Santander.