Scammers disguise themselves as divisions of the Central Bank of Russia
Cyber Criminals performed a large-scale attack on Russian banks in late 2018, they managed to steal $ 20 million.
The attackers disguised themselves as divisions of the Central Bank FinCERT and Alfacapital. It is known that the attacks were carried out by hacker groups Silence and Cobalt, who had previously organized cybercrime. Also along with them operated a new hacker group, which had not been seen before.
The scheme of crimes was the same: the scammers on behalf of the FinCERT division of the Central Bank sent out malicious documents with macros. In addition, a compromised account of an employee of the company Alfacapital was used.
Representatives of many banks confirm the frequent attacks. The criminals tried to penetrate the infrastructure of the financial organization for the withdrawal of money.
The IT-company Positive Technologies conducted their own statistics and found that over 201 million people suffered from such attacks in 2018.
Moreover, banking infrastructure was attacked in 78% of cases, web resources – 13 %, ATMs and POS-terminals – 9 %, personal data – 39% , credential theft , card information, trade secret – 5%, personal correspondence and other information – 8%.
In addition, on February 18, Kaspersky Lab recorded an increase in attacks by Buhtrap and RTM banking Trojans in Russia. At the end of last year, experts recorded an increase in the activity of the banking Trojan RTM 50 times, compared to 2017.