Russian-speaking hacker arrested for stealing 8,000 USD per day leveraging mobile malware

Law enforcement, with support from Group-IB, one of the global leaders in preventing high-tech crimes and providing high-fidelity threat intelligence and anti-fraud solutions, has arrested a 32-year-old hacker accused of stealing funds from Russian banks’ customers using Android Trojans. At the height of the group’s activity, victims reportedly lost between 1,500 and 8,000 dollars daily, and the criminals used cryptocurrency to launder the proceeds.

Group-IB’s analysis of the tools and techniques used in the group’s attacks revealed that the gang tricked customers of Russian banks into downloading a malicious mobile application, “Banks at your fingertips”. The app claimed to be an aggregator of the country’s leading mobile banking systems and promised users one-click access to all their bank cards to view balances, transfer money from card to card, and pay for online services. The app was first discovered in 2016 and was distributed through spam emails.

The criminal group’s approach was rather elementary: bank customers downloaded the fake mobile app and entered their card details. The Trojan then sent the bank card data or online banking credentials to the C&C server. The threat actor then transferred 200-500 dollars at a time to previously activated bank accounts, bypassing SMS confirmation by intercepting the one-time codes sent to the victim’s phone. The victims were not aware of the transactions because all SMS transaction confirmations were blocked on the infected device.

The investigation by authorities identified a member of the criminal group responsible for transferring money from user accounts to the attackers’ cards: a 32-year-old unemployed Russian national with previous convictions connected to arms trafficking. During the suspect’s arrest in May 2018, authorities seized SIM cards and fraudulent bank cards to which stolen funds had been transferred. The suspect has confessed to his actions, and the investigation and prosecution continue.

How Group-IB Managed Extended Detection and Response (MXDR) detects the infection by a mobile Trojan

About Group-IB

Established in 2003, Group-IB is a leading creator of predictive cybersecurity technologies to investigate, prevent, and fight digital crime globally. Headquartered in Singapore, and with Digital Crime Resistance Centers in the Americas, Europe, Middle East and Africa, Central Asia, and the Asia-Pacific, Group-IB delivers predictive, intelligence-driven defense by analysing and neutralizing regional and country-specific cyber threats via its Unified Risk Platform, offering unparalleled defense through its industry-leading Cyber Fraud Intelligence Platform, Cloud Security Posture Management, Threat Intelligence, Fraud Protection, Digital Risk Protection, Managed Extended Detection and Response (XDR), Business Email Protection, and External Attack Surface Management solutions, catering to government, retail, healthcare, gaming, financial sectors, and beyond. Group-IB collaborates with international law enforcement agencies like INTERPOL, Europol, and AFRIPOL to fortify cybersecurity worldwide, and has been awarded by advisory agencies including Datos Insights, Gartner, Forrester, Frost & Sullivan, and KuppingerCole.
