Wednesday, April 23, 2025
HomeData BreachBig Cyber Attack in Russia's Central Bank-Loses $31 Million

Big Cyber Attack in Russia’s Central Bank-Loses $31 Million

Published on

SIEM as a Service

Follow Us on Google News

Russia’s central bank saw 2 billion rubles (US$31 million) stolen from accounts as the result of a cyberattack. The theft comes as the country’s security service also claims to have fought off an attack against its financial services industry.

Reuters reports that the bank released a report on Dec. 2 describing a cyberattack that involved “faking a client’s credentials.” Further details were not available.

The stolen money came from accounts held by banking clients at the central bank, The Wall Street Journal reported.

- Advertisement - Google News

Meanwhile, Russia’s Federal Security Service says it has taken steps to “neutralize” an attack against its financial system. In a statement, the FSB says it has received information that a large-scale cyberattack is planned starting on Dec. 5.

The attacks, which are expected to strike several dozen Russian cities, would be accompanied by the mass sending of SMS messages and a social network and media campaign telegraphing a crisis in the Russian financial system, the FSB claims.

SHIFT related Attack?

The command-and-control server for the attacks is located in the Netherlands and is run by a Ukrainian hosting company called BlazingFast, the FSB says.

Meanwhile, Russia’s Federal Security Service says it has taken steps to “neutralize” an attack against its financial system. In a statement, the FSB says it has received information that a large-scale cyberattack is planned starting on Dec. 5.

The attacks, which are expected to strike several dozen Russian cities, would be accompanied by the mass sending of SMS messages and a social network and media campaign telegraphing a crisis in the Russian financial system, the FSB claims.

The command-and-control server for the attacks is located in the Netherlands and is run by a Ukrainian hosting company called BlazingFast, the FSB says. BlazingFast responded on Facebook that it had not been contacted by the FSB but would cooperate if its network was used for illegal activity.

As soon as BlazingFast became aware of this report, we reviewed all our systems and network and we have not found any abnormal pattern changes that could lead to FSB’s allegations,” the company says.

Fears about attacks on banks have mounted since February when unknown cyber criminals stole $81 million in funds that Bangladesh’s central bank had on deposit at the New York Fed.

Law enforcement agencies around the globe are hunting for the criminals who stole the money using fraudulent wire-transfer requests sent over the SWIFT bank messaging network.

Separately, Russia said on Friday that it had uncovered a plot by foreign spy agencies to sow chaos in the country’s banking system via a coordinated wave of cyber attacks and fake social media reports about banks going bust.

Blowback

The targeting of Russia is not surprising given the mix of opportunist cybercriminals, politically motivated hackers and possible state-level actors worried about President Vladimir Putin’s muscle flexing.

In October, the U.S. blamed Russia for hacking the Democratic National Committee along with the email accounts of party officials.

The emails ended up on WikiLeaks and other websites, fueling unending media attention and further skewing an already unconventional presidential campaign (see Microsoft Says Russian DNC Hackers Targeted Zero-Day Flaws).

U.S. Vice President Joe Biden obliquely warned soon after the charge that the U.S. had the capacity to send a “message” to Russia and would do so when the circumstances have the greatest impact, according to The New York Times..

It’s not clear if the U.S. has acted yet. In January, the U.S. Treasury directly accused Putin of being corrupt, alleging that he has amassed a fortune that has been masked through longtime training and practices, according to the BBC.

U.S. spy agencies could conceivably be tasked with using offensive cyberattacks to expose Putin’s finances.

Russia has consistently denied the hacking accusations while casting itself as a victim. In July, the FSB said malicious software infected 20 organizations, with targets including public authorities, scientific and military institutions.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Hackers Exploit Cloudflare Tunnel Infrastructure to Deploy Multiple Remote Access Trojans

The Sekoia TDR (Threat Detection & Research) team has reported on a sophisticated network...

Threat Actors Leverage npm and PyPI with Impersonated Dev Tools for Credential Theft

The Socket Threat Research Team has unearthed a trio of malicious packages, two hosted...

Hackers Exploit Legitimate Microsoft Utility to Deliver Malicious DLL Payload

Hackers are now exploiting a legitimate Microsoft utility, mavinject.exe, to inject malicious DLLs into...

Cybercriminals Exploit Network Edge Devices to Infiltrate SMBs

Small and midsized businesses (SMBs) continue to be prime targets for cybercriminals, with network...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Hackers Exploit Stolen Certificates and Private Keys to Breach Organizations

Recent research has unveiled a concerning vulnerability within the realm of containerized applications, where...

Gain Legends International Suffers Security Breach – Customers Data Stolen

Gain Legends International, a prominent name in sports, entertainment, and venue management, has confirmed...

43% of Top 100 Enterprise Mobile Apps Expose Sensitive Data to Hackers

A comprehensive study by zLabs, the research team at Zimperium, has found that over...