Anonymous members of so-called dark web forums gloated about a series of successful thefts in the months leading up to a major hack at Tesco Bank last week, which reportedly cost the business some £2.5m in lost deposits.
Cybersecurity company Cyberint made the discovery after trawling various dark web forums in pursuit of suspects, before identifying several suspicious posts written by unidentified members boasting of having withdrawn sums of £1k per week without detection.
Speaking to the BBC Elad Ben-Meir, Cyberint's vice-president of marketing, remarked: “It was a cat and mouse game, but we saw indicators starting from September - so two months before the actual attack - of quite a few threat actors saying, 'We've been successfully getting into accounts and cashing out through various means’.
"This was on the AlphaBay forum, Hacking Forum and some lesser known places - and there was plenty of proof. One of the guys said, 'I used to cash out £1,000 every week without anyone ever noticing.'"
No independent verification of the veracity of these claims has been made however.
Tesco Bank has launched a criminal investigation into the hack which reportedly involved triggering contactless payments from smartphones using stolen data, although the firm has refused to confirm or deny this beyond saying that ‘none of our systems were breached’.