Kaspersky thinks the attacks were made using so-called phishing scams to access up to 100 banks’ networks and so gained access to cash machines and drew out the money.
But the attacks are confined mostly to Russia, with some attacks made on banks in Ukraine and China.
The company worked with Interpol on an investigation and it claims that the attack is one of the most significant security breaches yet.
The amount is difficult to pin down and it’s believed the billion dollar figure may have been overstated.
The crooks involved in the scam are believed to still be active but there’s no indication on where they’re based or how they gained access to ATMs.