For the first time in three years, hackers managed to steal money from the bank's correspondent account with the Central Bank
Hackers hacked the Central Bank of the Russian Federation and stole 500 million rubles
The hackers carried out a successful attack on one of the Russian banks through the automated workstation of the Bank of Russia client (AWP KBR). This is stated in the report of Group-IB “Big jackpot. Threats to Financial Institutions ”.
“In February 2021, specialists from the Group-IB computer forensics laboratory were involved in responding to an incident in one of the Russian banks, during which the attackers were able to gain access to the interbank transfer system of the KBR AWP,” writes Group-IB.
The attack, which, according to experts, the MoneyTaker group may be behind, began in June last year through the compromise of a company affiliated with the bank. Within a month, hackers gained access to the bank's network, and in the next six months they investigated it.
In January of this year, scammers registered fake domain names similar to the bank's name, using .org and .com instead of the original .ru. In February 2021, digital keys were stolen. Later they were used to sign payments passing through the transport gateway of the Bank of Russia. After that, the hackers manually copied the fake signed payments into a special folder in the AWS KBR system.
According to a RBC source close to the Central Bank, hackers were thus able to steal more than half a billion rubles. Another source in the cybersecurity market noted that the "not-so-large bank" was affected. Another interlocutor knows that it was a small bank not from the first hundred.
Коментарі
Дописати коментар
Олег Мічман в X: «Donations and support for media resources, bloggers, projects, and individuals. https://t.co/HPKsNRd4Uo https://t.co/R6NXVPK62M» / X
https://twitter.com/olukawy/status/1703876551505309973