What goes around comes around and for these cyber criminals it came too fast!
Around fifty cybercriminals have been arrested by Russian authorities on charges of stealing 1.7 billion roubles, which is roughly $25 million or £18 million. This is being referred to as the largest arrest of hackers to date in Russia. Authorities conducted multiple raids in over 15 regions throughout the country to catch the gang. Their houses were searched, and massive numbers of computer devices and communication equipment were confiscated during the searches.
According to the FSB internal security service, they also confiscated “bank cards in false names, and also financial documents and significant amounts of cash confirming the illegal nature of their activity.”
According to reports, the fifty hackers were actually working in collaboration and infected websites with malware to gain access to users’ computers and then obtain their bank details to steal money. Since the hackers used advanced tricks for performing their malicious feats, it became almost impossible for security experts and related authorities to catch them and that’s why they were able to steal so much from unsuspecting users.
Their malicious code was difficult for security software to trace once it had infected a machine. It is believed that the gang used Lurk, a malicious Trojan, to steal money by infecting the most popular websites in Russia with it. For instance, when someone visited a website that had been infected with Lurk, the user's PC would immediately be infected: the malware downloaded not only itself onto the computer but also other modules, making it all the easier for the cybercriminals to access the system.
The purpose was to steal login IDs and passwords in order to withdraw money from the victims' online banking accounts. A majority of the accounts targeted were located at Russia's biggest bank, Sberbank.
According to Ruslan Stoyanov, the computer incident investigation head at Kaspersky Lab, the malware began attacking users' bank accounts some one and a half years ago; prior to this, it used to target enterprises and consumer systems.
The police were able to track down the hackers' network with the help of Kaspersky Lab and, as per Mr. Stoyanov, the computers and servers they used were traced to identify their location. According to reports, the group has been active in Eastern Europe since 2011 and initially targeted clients of banks after shifting their focus to enterprises and individuals. In 2016, the group started relying upon the APT method of attacks because the source code for the Buhtrap malware was revealed publicly.