Categories: Data Breach

Big Cyber Attack in Russia’s Central Bank-Loses $31 Million

Russia’s central bank saw 2 billion rubles (US$31 million) stolen from accounts as the result of a cyberattack. The theft comes as the country’s security service also claims to have fought off an attack against its financial services industry.

Reuters reports that the bank released a report on Dec. 2 describing a cyberattack that involved “faking a client’s credentials.” Further details were not available.

The stolen money came from accounts held by banking clients at the central bank, The Wall Street Journal reported.

Meanwhile, Russia’s Federal Security Service says it has taken steps to “neutralize” an attack against its financial system. In a statement, the FSB says it has received information that a large-scale cyberattack is planned starting on Dec. 5.

The attacks, which are expected to strike several dozen Russian cities, would be accompanied by the mass sending of SMS messages and a social network and media campaign telegraphing a crisis in the Russian financial system, the FSB claims.

SHIFT related Attack?

The command-and-control server for the attacks is located in the Netherlands and is run by a Ukrainian hosting company called BlazingFast, the FSB says.

Meanwhile, Russia’s Federal Security Service says it has taken steps to “neutralize” an attack against its financial system. In a statement, the FSB says it has received information that a large-scale cyberattack is planned starting on Dec. 5.

The attacks, which are expected to strike several dozen Russian cities, would be accompanied by the mass sending of SMS messages and a social network and media campaign telegraphing a crisis in the Russian financial system, the FSB claims.

The command-and-control server for the attacks is located in the Netherlands and is run by a Ukrainian hosting company called BlazingFast, the FSB says. BlazingFast responded on Facebook that it had not been contacted by the FSB but would cooperate if its network was used for illegal activity.

As soon as BlazingFast became aware of this report, we reviewed all our systems and network and we have not found any abnormal pattern changes that could lead to FSB’s allegations,” the company says.

Fears about attacks on banks have mounted since February when unknown cyber criminals stole $81 million in funds that Bangladesh’s central bank had on deposit at the New York Fed.

Law enforcement agencies around the globe are hunting for the criminals who stole the money using fraudulent wire-transfer requests sent over the SWIFT bank messaging network.

Separately, Russia said on Friday that it had uncovered a plot by foreign spy agencies to sow chaos in the country’s banking system via a coordinated wave of cyber attacks and fake social media reports about banks going bust.

Blowback

The targeting of Russia is not surprising given the mix of opportunist cybercriminals, politically motivated hackers and possible state-level actors worried about President Vladimir Putin’s muscle flexing.

In October, the U.S. blamed Russia for hacking the Democratic National Committee along with the email accounts of party officials.

The emails ended up on WikiLeaks and other websites, fueling unending media attention and further skewing an already unconventional presidential campaign (see Microsoft Says Russian DNC Hackers Targeted Zero-Day Flaws).

U.S. Vice President Joe Biden obliquely warned soon after the charge that the U.S. had the capacity to send a “message” to Russia and would do so when the circumstances have the greatest impact, according to The New York Times..

It’s not clear if the U.S. has acted yet. In January, the U.S. Treasury directly accused Putin of being corrupt, alleging that he has amassed a fortune that has been masked through longtime training and practices, according to the BBC.

U.S. spy agencies could conceivably be tasked with using offensive cyberattacks to expose Putin’s finances.

Russia has consistently denied the hacking accusations while casting itself as a victim. In July, the FSB said malicious software infected 20 organizations, with targets including public authorities, scientific and military institutions.

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

View Comments

Recent Posts

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit

The Evasive Panda group deployed a new C# framework named CloudScout to target a Taiwanese…

5 hours ago

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in…

6 hours ago

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215 against…

6 hours ago

Chinese Hackers Attacking Microsoft Customers With Sophisticated Password Spray Attacks

Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors to…

6 hours ago

New Windows Zero-Day Vulnerability Let Attackers Steal Credentials From Victim’s Machine

A security researcher discovered a vulnerability in Windows theme files in the previous year, which…

6 hours ago

SYS01 InfoStealer Malware Attacking Meta Business Page To Steal Logins

The ongoing Meta malvertising campaign, active for over a month, employs an evolving strategy to…

6 hours ago