This article is more than 1 year old
Ryanair stung after $5m Shanghai'd from online fuel account
They'll have to check the account now, which will cost them extra
Budget airline Ryanair has fallen victim to a $5m hacking scam.
Crooks siphoned off money from an account earmarked for the payment of fuel bills via an electronic transfer to a bank in China last week. The transfer was subsequently blocked, but the funds – earmarked to pay for aviation fuel for Ryanair's 400-plus Boeing 737-800 aircraft – are yet to be recovered.
Ryanair confirmed the fraud, but told The Irish Times that it was confident of getting back its stolen money.
Ryanair confirms that it has investigated a fraudulent electronic transfer via a Chinese bank last week.
The airline has been working with its banks and the relevant authorities and understands that the funds – less than $5 million – have now been frozen.
The airline expects these funds to be repaid shortly, and has taken steps to ensure that this type of transfer cannot recur.
The Criminal Assets Bureau in Dublin is working with its counterpart agencies in Asia to trace and attempt to recover the stolen funds. The mechanism of the theft is unclear, but the two most likely possibilities are either a phishing attack or hackers succeeding in planting a banking trojan on to the machine of a staffer in the accounting department of Michael O’Leary's airline, if previous similar cases are any guide.
For example, security researchers at IBM recently blew the lid on a scam that netted more than $1 million from targeted businesses. During the so-called "Dyre Wolf" campaign, crooks used a combination of malware and social engineering through fake telephone support to trick marks into handing over bank account login credentials.
"Although a fairly crude technique, it does successfully circumvent commonly-used defences such as two-factor authentication," noted industry veteran Graham Cluley in a post on BitDefenders' HotForSecurity blog.
It's unclear if similar techniques were deployed in the case of the Ryanair scam, while the possible identity of the culprits behind the crime, remains similarly elusive.
Ryanair is yet to respond to a request from El Reg for an update on the situation. ®