June 2, 2016

Russian Authorities Nab Hacker Gang Behind $25m Cyber-Theft

A hacker gang consisting of at least 50 individuals has been apprehended, many of them arrested after allegedly using malware to steal over 1.7 billion roubles ($25 million USD).

A cybercriminal hacker gang from Russia that allegedly infected websites with Trojan malware to gain access to victims’ computers, and subsequently their bank accounts, has been apprehended in a series of raids by Russian authorities.

Raids were carried out in 15 different regions across Russia, Russian internal security service FSB revealed.

A statement by the authority also highlighted the haul from the raids.

“As a result of [the] searches, a large quantity of computer equipment was confiscated along with communications gear, bank cards in false names,” the FSB internal security service stated, adding, “and also financial documents and significant amounts of cash confirming the illegal nature of their activity.”

Lurk – Trojan Malware

The authors of Lurk, malware that is essentially fileless and resides in RAM, infected legitimate and popular websites with it. Victims’ personal computers were then infected simply by opening the webpage. Once on a victim’s PC, Lurk downloaded additional malicious modules, granting the malicious hackers access to the machine.

From there, login names and passwords for online bank accounts were stolen, including those of Russia’s largest bank, Sberbank.

The bank, along with Russian cybersecurity firm Kaspersky Lab, aided authorities in the investigation leading to the raids and arrests.

Ruslan Stoyanov, head of computer incident investigation at Kaspersky Lab, shed some light on the Lurk Trojan malware strain.

Lurk started attacking banks one-and-a-half years ago; before then its malicious program targeted various enterprise and consumer systems.

Kaspersky Lab also revealed that its researchers were able to analyze and identify the hackers’ network of computers and servers. Armed with the knowledge, Russian Police and authorities were notified.

Group IB, another security firm from Russia that actively profiles cybercrime groups in Eastern Europe, revealed that the Lurk gang had been operational since 2011.
