23 February 2018

Stealthy Russian hacking group steals $10 million over two-year period

11 December 2017

A previously unreported Russian-speaking crime ring has looted $10 million from 20 successful attacks on financial institutions and legal firms in the USA, UK and Russia over the past two years.

The MoneyTaker group, uncovered by Moscow-based forensics lab Group-IB, has primarily been targeting card processing systems, including the AWS CBR (Russian Interbank System) and First Data's Star portal.

The hackers have gone unnoticed by constantly changing their tools and tactics to bypass antivirus and traditional security solutions, and by carefully eliminating their traces after completing their operations.

The first attack in the US that Group-IB attributes to this group was conducted in the spring of 2016, when the hackers gained access to First Data's Star network operator portal via compromised bank workstations. This allowed them to lift withdrawal limits on legitimate gift cards and withdraw large sums in a co-ordinated raid by money mules planted across the country.

Since that initial success, the group has moved on to attack over 20 victims. The average haul from US banks was about $500,000, and it stole over $3 million from three Russian lenders.

The MoneyTaker group now appears to be widening its horizons, says Group-IB, with online chatter suggesting that banks connected to the Swift messaging network are now viewed as potential targets.
