Thanks to an investigation that spanned several countries, authorities have finally caught up with an alleged cybercrime mastermind who led a yearslong high-tech spree to steal 1 billion euros ($1.2 billion) from global financial institutions.

The leader of the gang that has allegedly been behind malware attacks known as Carbanak and Cobalt was arrested in Alicante, Spain, according to a statement from Europol released on Monday. The bust was a massive operation involving not only the European Union’s law enforcement agency and the Spanish National Police, but also the Federal Bureau of Investigation, Romanian, Belarusian and Taiwanese authorities, along with private cybersecurity groups.

Officials said the gang began attacking financial systems in 2013, with the so-called Anunak malware campaign that targeted financial transfers and ATM networks, before working their way up to a more sophisticated set of malware in 2016, and then moving onto tailor-made malware.

Under the phishing attacks, emails with malicious software attachments would be sent to bank employees, allowing the gang to infiltrate internal banking networks, and infect ATM servers. Europol provided this graphic showing how the money was paid out, such as cash that was remotely spit out of ATMs at predetermined times and transfers via e-payment networks.

The cybercrime profits were also allegedly laundered via cryptocurrencies, using prepaid digital coin wallets, and then used to buy luxury cars and houses. On the day of the arrest, the European Cybercrime Centre helped deploy experts and information in Spain, and the European Banking Federation was also involved in the operation.

“The arrest of the key figure in this crime group illustrates that cybercriminals can no longer hide behind perceived international anonymity,” said Steven Wilson, Head of Europol’s European Cybercrime Centre, in a statement.

Spanish police arrest alleged cybercrime mastermind who orchestrated $1.2 billion theft from global financial institutions