20 May 2018

Stealthy Russian hacking group steals $10 million over two-year period

11 December 2017

A previously unreported Russian-speaking crime ring has looted $10 million from 20 successful attacks on financial institutions and legal firms in the USA, UK and Russia over the past two years.

The MoneyTaker group, uncovered by Moscow-based forensics lab Group-IB, has primarily been targeting card processing systems, including the AWS CBR (Russian Interbank System) and First Data's Star portal.

The hackers have gone unnoticed by constantly changing their tools and tactics to bypass antivirus and traditional security solutions and carefully eliminating their traces after completing their operations.

The first attack in the US that Group-IB attributes to this group was conducted in the spring of 2016, when the hackers gained access to First Data's Star network operator portal via compromised bank workstations. This allowed them to lift withdrawal limits on legitimate gift cards and withdraw large sums in a co-ordinated raid by money mules planted across the country.

Since that initial success, the group has moved on to attack over 20 victims. The average haul from US banks was about $500,000, and it stole over $3 million from three Russian lenders.

The MoneyTaker group now appears to be widening its horizons, says Group-IB, with online chatter suggesting that banks connected to the Swift messaging network are now viewed as potential targets.
