Russian bank customers hit by malware!


Cyber Security Firm Group-IB has warned Russian mobile banking customers of a possible cyber attack on Android mobile devices. The security firm said that criminals from Russia were trying to steal bank details of mobile banking customers using Cron malware and were planning to target European lenders by this month end.

As per a report published in Reuters, the hackers first targeted mobile banking customers of State Lender Sberbank last year. Then they targeted victims from Alfa Bank and Online payments company Qiwi. The news resource adds in its report that the hackers managed to collect around 50 million rubles (892,000) so far and were planning to hit banks in France and all other western nations.

As per the details available to Cybersecurity Insiders, a group of hackers tricked the customers of Sberbank by asking them to download a malware loaded mobile banking application. And as soon as the customers entered personal info in those applications, the criminals used that data to siphon money from the respected accounts of the related customers.

Reuters reported that the attack took place last year and the 16 suspects were arrested and prosecuted in May this year. The hackers admitted that they infected over a million smartphones in Russia on an average of 3,500 devices a day in just a span of one full year.

The customers of Alfa Bank and Qiwi became easy targets after the hackers exploited the weaknesses in the companies SMS text message transfer services.

The hackers were in an intention to launch a cyber attack on France-based financial lenders such as Credit Agricole, BNP Paribas, and Societe General.

Group IB findings illustrate the dangerous use of SMS messages for mobile banking. And as per the security firm’s discovery, the Cron malware was first detected in mid-2015 and by the time the arrests were made the hackers have already used it for past 1 year.

Group-IB has warned Russian mobile banking customers of a possible cyber re-attack as the developers of Cron are at large and might initiate a cyber attack after a certain period of break time. 

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display