Russian hackers rob 900.000 roubles

Russian hackers rob 900.000 roubles

[vc_row type=”in_container” full_screen_row_position=”middle” scene_position=”center” text_color=”dark” text_align=”left” overlay_strength=”0.3″][vc_column column_padding=”no-extra-padding” column_padding_position=”all” background_color_opacity=”1″ background_hover_color_opacity=”1″ column_shadow=”none” width=”2/3″ tablet_text_alignment=”default” phone_text_alignment=”default” column_border_width=”none” column_border_style=”solid”]

A Russian cyber hacking group called “Cron” has used malicious applications and software to infect around 1 million of Android smartphones and steal 50 million roubles (around £677,000 or $892,000) from domestic bank customers.

The Russians are the new black, from one to another moment Russia started to have and important papers on the Hacker field, remembering that few years ago China and US were the kings on it, now Russia have hackers hahaha and they hack elections, banks, movies and others fields.

According to Group-IB, the cyber security firm investigating the attack with the Russian Interior Ministry, the group infected smartphones at a rate of 3,500 devices a day.

The group of 20 hackers was planning to expand the attack to European financial leaders before being arrested. The core members of the crew were arrested on November 22 last year. The group began targeting French firms Credit Agricole, BNP Paribas and Societe General but no funds were stolen from customers.

The Cron Group, named after the malware they used-disguised the malware as fake banking applications, ecommerce and pornography web clients. When Android users in Russia searched online, the search engine results would suggest the fake apps and users would be tricked into downloading the phony version. After having control over the infected smartphone, hackers were able to send SMS messages to the mobile users’ banks instructing the transfer of money- up to $120 to one of the 6,000 fraudulent accounts. They intercepted the transaction confirmation codes, preventing the victims from receiving messages notifying them about the transaction. The attack was able to bypass two-factor authentication features that would require a user to enter a secondary code—often sent via text message—to confirm their identity.
“Cron’s success was due to two main factors” Dmitry Volkov, head of investigations at Group-IB, said in a statement. “First, the large-scale use of partner programs to distribute the malware in different ways. Second, the automation of many (mobile) functions which allowed them to carry out the thefts without direct involvement.”
They targeted customers of Sberbank, Alfa Bank, and online payments company Qiwi, exploiting SMS text message transfer services.
“Group-IB first learnt about Cron in March 2015: Group-IB’s Intelligence system tracked the activity of a new criminal group that was distributing malicious programs named ‘viber.apk’, ‘Google-Play.apk’, ‘Google_Play.apk’ for Android OS on underground forums,” explained the cyber security company.
The situation came to light when sources close to the investigation tipped off Reuters.
The Russian hackers rented a “Tiny.z,” a piece of malware designed to attack checking accounts systems, for $2,000 a month in June 2016, and adapted it to target European banks in Britain, Germany, France, the United States, and Turkey, among other countries.
Luckily for the people with infects smartphones and unfortunately for the hackers, only small sums can be transferred via SMS instructions, so despite the volume of devices affected, the amount of money the hackers stole was not astronomical.
A total of 16 people have been arrested thus far in relation to the case, including a 30-year old man who is believed to be the leader of the group operating across six different regions of Russia.
The exploit highlighted the dangers of SMS messages in mobile banking. SMS banking services are used in Russia to help people living in isolated areas, where access to banks is not easy. But security always has to outweigh consumer convenience.

learn, learning, the best security practice, ethical hacking, IT, Admin, Administrator, Server, User, Kali Linux, Phone, Download, Blog, WordPress, Free, Lab, Pentest, Pentester

[/vc_column][vc_column column_padding=”no-extra-padding” column_padding_position=”all” background_color_opacity=”1″ background_hover_color_opacity=”1″ column_shadow=”none” width=”1/3″ tablet_text_alignment=”default” phone_text_alignment=”default” column_border_width=”none” column_border_style=”solid” offset=”vc_hidden-md vc_hidden-sm vc_hidden-xs”]
[image_with_animation image_url=”6490″ alignment=”center” animation=”Fade In” box_shadow=”none” max_width=”100%” delay=”300″][team_member image_url=”1722″ team_memeber_style=”meta_below” link_element=”none” color=”Accent-Color” name=”Daniel Morales” job_position=”Writer”][/vc_column][/vc_row][vc_row type=”full_width_background” full_screen_row_position=”middle” bg_color=”#f9f9f9″ scene_position=”center” text_color=”dark” text_align=”left” top_padding=”4%” bottom_padding=”3%” overlay_strength=”0.3″][vc_column column_padding=”no-extra-padding” column_padding_position=”all” background_color_opacity=”1″ background_hover_color_opacity=”1″ column_shadow=”none” width=”1/1″ tablet_text_alignment=”default” phone_text_alignment=”default” column_border_width=”none” column_border_style=”solid”][recent_posts style=”default” category=”all” columns=”3″ title_labels=”true” posts_per_page=”3″][/vc_column][/vc_row]

Share it:

Leave a Reply

Your email address will not be published. Required fields are marked *