Russian Banks Using Hackers to Withdraw Money

There’s a suspicion that certain national banks in Russia have been withdrawing client funds using hackers. This has come to light after an investigation carried out by experts at the Russian Central Bank.


According to a statement made by the representative of  Georgy Luntovsky, first deputy chairman of the Central Bank, many Russian banks and financial institutions have begun using fake cyberattacks to help them cover up their previous crimes or violations, and to withdraw money from the accounts of their clients.

Moreover, three domestic banks that were previously attacked by cybercriminals have lost their  licenses in the fourth quarter of 2015.

Russian Central Bank data shows that in Q4 2015 alone cyber-attacks caused a loss of more than 1.5 billion rubles (US$ 20 million) from the accounts of clients at some Russian banks. There’s a suspicion that some of these would have taken place with the knowledge of the banks.

Through thousands of anonymous bank transfers, Criminals were able to cash funds using real credit cards, while falsifying accounting details of the banks’ counterparties.

In addition to that, the number of cyber-attacks on non-credit financial institutions has also increased. This increase is reflected in the number of cyber-attacks on stock exchanges and particularly during stock trading.

Russian Central Bank report reveals that the current level of IT security at the majority of Russian banks remains weak. One of the reasons is that the banks are avoiding the cost of introducing new IT security systems on their servers. Also many former banking workers have started to collaborate with hackers due to massive cuts in the Russian banking industry over the past year. This has facilitated access to the systems of their former employers.

Aggravating the situation, many of the banks that became a subject of cyber-attacks have not disclosed information about crimes committed against them due to reputational risks.


Source: Akati

Comments are closed.