Friday, June 14, 2024

Big Cyber Attack in Russia’s Central Bank-Loses $31 Million

Russia’s central bank saw 2 billion rubles (US$31 million) stolen from accounts as the result of a cyberattack. The theft comes as the country’s security service also claims to have fought off an attack against its financial services industry.

Reuters reports that the bank released a report on Dec. 2 describing a cyberattack that involved “faking a client’s credentials.” Further details were not available.

The stolen money came from accounts held by banking clients at the central bank, The Wall Street Journal reported.

Meanwhile, Russia’s Federal Security Service says it has taken steps to “neutralize” an attack against its financial system. In a statement, the FSB says it has received information that a large-scale cyberattack is planned starting on Dec. 5.

The attacks, which are expected to strike several dozen Russian cities, would be accompanied by the mass sending of SMS messages and a social network and media campaign telegraphing a crisis in the Russian financial system, the FSB claims.

SHIFT related Attack?

The command-and-control server for the attacks is located in the Netherlands and is run by a Ukrainian hosting company called BlazingFast, the FSB says.

Meanwhile, Russia’s Federal Security Service says it has taken steps to “neutralize” an attack against its financial system. In a statement, the FSB says it has received information that a large-scale cyberattack is planned starting on Dec. 5.

The attacks, which are expected to strike several dozen Russian cities, would be accompanied by the mass sending of SMS messages and a social network and media campaign telegraphing a crisis in the Russian financial system, the FSB claims.

The command-and-control server for the attacks is located in the Netherlands and is run by a Ukrainian hosting company called BlazingFast, the FSB says. BlazingFast responded on Facebook that it had not been contacted by the FSB but would cooperate if its network was used for illegal activity.

As soon as BlazingFast became aware of this report, we reviewed all our systems and network and we have not found any abnormal pattern changes that could lead to FSB’s allegations,” the company says.

Fears about attacks on banks have mounted since February when unknown cyber criminals stole $81 million in funds that Bangladesh’s central bank had on deposit at the New York Fed.

Law enforcement agencies around the globe are hunting for the criminals who stole the money using fraudulent wire-transfer requests sent over the SWIFT bank messaging network.

Separately, Russia said on Friday that it had uncovered a plot by foreign spy agencies to sow chaos in the country’s banking system via a coordinated wave of cyber attacks and fake social media reports about banks going bust.

Blowback

The targeting of Russia is not surprising given the mix of opportunist cybercriminals, politically motivated hackers and possible state-level actors worried about President Vladimir Putin’s muscle flexing.

In October, the U.S. blamed Russia for hacking the Democratic National Committee along with the email accounts of party officials.

The emails ended up on WikiLeaks and other websites, fueling unending media attention and further skewing an already unconventional presidential campaign (see Microsoft Says Russian DNC Hackers Targeted Zero-Day Flaws).

U.S. Vice President Joe Biden obliquely warned soon after the charge that the U.S. had the capacity to send a “message” to Russia and would do so when the circumstances have the greatest impact, according to The New York Times..

It’s not clear if the U.S. has acted yet. In January, the U.S. Treasury directly accused Putin of being corrupt, alleging that he has amassed a fortune that has been masked through longtime training and practices, according to the BBC.

U.S. spy agencies could conceivably be tasked with using offensive cyberattacks to expose Putin’s finances.

Russia has consistently denied the hacking accusations while casting itself as a victim. In July, the FSB said malicious software infected 20 organizations, with targets including public authorities, scientific and military institutions.

Website

Latest articles

Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users

Hackers are targeting, attacking, and exploiting ML models. They want to hack into these...

SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files

SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a...

Smishing Triad Hackers Attacking Online Banking, E-Commerce AND Payment Systems Customers

Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.Resecurity...

Threat Actor Claiming Leak Of 5 Million Ecuador’s Citizen Database

A threat actor has claimed responsibility for leaking the personal data of 5 million...

Ascension Hack Caused By an Employee Who Downloaded a Malicious File

Ascension, a leading healthcare provider, has made significant strides in its investigation and recovery...

AWS Announced Malware Detection Tool For S3 Buckets

Amazon Web Services (AWS) has announced the general availability of Amazon GuardDuty Malware Protection...

Hackers Exploiting MS Office Editor Vulnerability to Deploy Keylogger

Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group.The...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles