Cyber-hackers are thought to have stolen hundreds of millions of pounds from up to 100 banks and financial institutions across the world, including the UK.
The massive heist took place over the last two years, and is believed to have been carried out by a gang of criminals from Russia, Ukraine, other parts of Europe, and China.
Computer security firm Kaspersky Lab estimates that one billion US dollars (£648 million) was taken in the attack and the enterprise, called Carbanak, is still active.
Kaspersky said the "malicious" gang's plot marked the beginning of a new stage in the evolution of cyber-criminal activity, where users steal money directly from banks and avoid targeting end-users.
The gang used malware to infect organisations' networks, enabling them to see and record everything happening on employees' screens.
Robberies lasted months
The largest sums were grabbed by hacking into banks and stealing up to 10 million dollars in each raid, it is estimated.
On average, each bank robbery took between two and four months, from infecting the first computer at the bank's corporate network, to having the stolen money transferred to their own accounts using online banking or international e-payment systems.
In other cases, Carbanak inflated account balances before pocketing the extra funds via a fraudulent transaction.
Another part of the scam involved the gang seizing control of bank ATMs and ordering them to dispense cash at a pre-determined time of day.
According to Kaspersky Lab data, the scam targeted financial organisations in 30 countries including the UK, Russia, US and Switzerland.
A number of UK financial organisations were attacked, but the information is not able to tell whether the attempts succeeded, and not all financial institutions reported the incidents.
Banks on alert
As the operation is still active, banks are being urged to check their networks for the presence of Carbanak.
Sergey Golovanov, principal security researcher at Kaspersky Lab's global research and analysis team, said: "These bank heists were surprising because it made no difference to the criminals what software the banks were using.
"So, even if its software is unique, a bank cannot get complacent. The attackers didn't even need to hack into the banks' services: once they got into the network, they learned how to hide their malicious plot behind legitimate actions. It was a very slick and professional cyber-robbery."
The global theft is being investigated by Interpol and Europol.
Sanjay Virmani, director of Interpol's digital crime centre, said: "These attacks again underline the fact that criminals will exploit any vulnerability in any system."