
24 May

Russian-speaking hacker arrested for stealing 8,000 USD per day using mobile malware

Law enforcement, with support from Group-IB, one of the global leaders in preventing high-tech crimes and providing high-fidelity threat intelligence and anti-fraud solutions, has arrested a 32-year-old hacker accused of stealing funds from Russian banks’ customers using Android Trojans. At the height of the criminal activity, victims reportedly lost between 1,500 and 8,000 dollars daily, and cryptocurrency was used to launder the stolen funds.

Group-IB’s analysis of the tools and techniques used in the group’s attacks revealed that the gang tricked customers of Russian banks into downloading a malicious mobile application called “Banks at your fingertips”. The app claimed to be an aggregator of the country’s leading mobile banking systems and promised users ‘one-click’ access to all their bank cards to view balances, transfer money from card to card, and pay for online services. The app was first discovered in 2016 and was distributed through spam emails.

The criminal group’s approach was rather elementary: customers of banks downloaded the fake mobile app and entered their card details. The Trojan then sent the bank card data or online banking credentials to the C&C server. Following this, the threat actor transferred 200-500 dollars at a time to previously activated bank accounts, bypassing SMS confirmation by using the codes intercepted from the victim’s phone. The victims were not aware of the transactions because all SMS confirmations of transactions were blocked.

The investigation by authorities identified a member of the criminal group who was responsible for transferring money from user accounts to the attackers’ cards: a 32-year-old unemployed Russian national with previous convictions connected to arms trafficking. During the suspect’s arrest in May 2018, authorities identified SIM cards and fraudulent bank cards to which stolen funds were transferred. The suspect has confessed to his actions, and the investigation/prosecution continues.

How Group-IB Threat Detection System (TDS) detects the infection by a mobile Trojan


Group-IB is one of the leading providers of solutions aimed at detection and prevention of cyberattacks, online fraud, and IP protection. Group-IB Threat Intelligence system was named one of the best in class by Gartner, Forrester, and IDC.

Group-IB’s technological leadership is built on the company’s 15 years of experience in cybercrime investigations all over the world and 55,000 hours of incident response accumulated in the largest forensic laboratory in Eastern Europe and a 24/7 CERT-GIB.

Group-IB is a partner of INTERPOL, Europol, and a cybersecurity solutions provider, recommended by SWIFT and OSCE. Group-IB is a member of the World Economic Forum.
