The Russian-speaking hackers removed overdraft limits on debit cards and took money from cash machines, according to a report by cybersecurity company Group-IB. They also stole documentation for technology used by more than 200 banks in the US and Latin America.
The group used a combination of publicly available tools and custom-written malware to access banking systems, according to Group-IB. In at least one instance, the group used the home computer of a Russian bank's system administrator to access its internal network, according to the report.
Other tactics included changing the servers used to infect banking systems’ networks and using secure sockets layer (SSL) certificates - data files that verify a web browser’s authenticity - that appeared to be issued by big names such as the Federal Reserve Bank.
Group-IB has worked with both Europol and the Russian government to investigate cybercrime. MoneyTaker has reportedly netted an average of USD 500,000 in 16 attacks against US companies and USD 1.2 million in three attacks against Russian banks since May 2016.