18 February 2018
Visit www.avoka.com

Russian criminals hack in to bank networks to steal $18 million

22 December 2014  |  10916 views  |  0 programming code hipster

A group of Russian cybercriminals which specialises in gaining access to the internal payments networks of banks has stolen more than $18 million over the past six months.

The group, which goes under the name Anunak, has been uncovered by forensics experts at Moscow-based Group-IB and Fox-IT of the Netherlands.

Anunak's targets in Russia and CIS countries are banks and payments systems while in Europe, USA and Latin America criminals were mainly focusing on retail networks as well as mass media resources.

The gang uses malware that goes under the Anunak title and allows for organised targeted attacks at banks and e-payment systems. When the crooks gain access to internal networks, they have total control over system administrators and record videos of key workers actions to understand how the work is organised. They then take control over e-mails to monitor internal communications and set up remote control to the network by changing its hardware parameters.

The average time from the moment the group creeps into an internal network before the money is stolen equals 42 days.

The investigation found that the Anunak group had access to more than 50 Russian banks, 5 payment systems and 16 retail companies. Group-IB and Fox-IT analysts discovered that hackers had access to cash machines management systems and could remotely infect them with malware for the purpose of getting money from them upon request in future.

Andy Chandler, senior VP at Fox-IT says: "This is very serious and as soon as we could conclude our joint investigations we wanted to share the information and not just for our customers but everyone. They (Anunak) are very pro-active and at times innovating, when you look at the volumes of money, credit cards and intellectual property they have taken, this can only be described as a ‘professional' criminal campaign with a high level of success and please believe they are not going away anytime soon."

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Hackers infiltrating public companies to gain an edge on Wall Street

Hackers infiltrating public companies to gain an edge on Wall Street

02 December 2014  |  4779 views  |  0 comments | 2 tweets | 3 linkedin
Banks accused of failing to report true scale of cybercrime

Banks accused of failing to report true scale of cybercrime

07 November 2014  |  29699 views  |  4 comments | 19 tweets | 12 linkedin
Crook dumps Target card details on Russian forum

Crook dumps Target card details on Russian forum

17 October 2014  |  8372 views  |  0 comments | 6 tweets | 5 linkedin
JPMorgan yet to detect rise in fraud from recent cyber-attack

JPMorgan yet to detect rise in fraud from recent cyber-attack

12 September 2014  |  6966 views  |  0 comments | 3 tweets | 3 linkedin
FBI probes Russian link to cyber-attacks on US banks

FBI probes Russian link to cyber-attacks on US banks

28 August 2014  |  6839 views  |  0 comments | 4 tweets | 3 linkedin
Romanian cybercrime network dismantled

Romanian cybercrime network dismantled

18 July 2014  |  7578 views  |  0 comments | 7 tweets | 5 linkedin
US Treasury calls on financial sector to step up cybersecurity planning

US Treasury calls on financial sector to step up cybersecurity planning

17 July 2014  |  7336 views  |  0 comments | 4 tweets | 5 linkedin
Cybercrooks steal EUR500,000 from European bank

Cybercrooks steal EUR500,000 from European bank

25 June 2014  |  6583 views  |  1 comments | 9 tweets | 2 linkedin
Banks losing millions to new wave of ATM hacks - FFIEC

Banks losing millions to new wave of ATM hacks - FFIEC

03 April 2014  |  9950 views  |  4 comments | 8 tweets | 16 linkedin

Related blogs

Create a blog about this story (membership required)
Visit www.vasco.comvisit www.ebaday.comvisit http://info.nice.com

Who is commenting?

Top topics

Most viewed Most shared
Saudi central bank provides sandbox for banks to try out Ripple techSaudi central bank provides sandbox for ba...
10885 views comments | 16 tweets | 11 linkedin
Aussie real-time payments platform goes liveAussie real-time payments platform goes li...
8482 views comments | 15 tweets | 42 linkedin
ECB launches staunch defence of cashECB launches staunch defence of cash
8272 views 10 comments | 21 tweets | 26 linkedin
hands typing furiouslyHow can Blockchain Help with AML KYC
7927 views 3 | 9 tweets | 6 linkedin

Featured job

Competitive
London, UK (or flexible)

Find your next job