A gang of 50 hackers suspected of stealing more than 1.7 Billion Rubles (over US$25 Million) from banks and other financial institutions in the country since 2011 arrested by Russian authorities.
The same criminal gang had tried to steal a further 2.273 Billion Roubles by issuing false payment instructions, but that were blocked.
The group allegedly used a Trojan called “Lurk” to set up a network of bots on infected computers to carry out the attacks, according to Russia’s FSB (Federal Security Service).
Initially identified in 2012, Lurk is a “fileless” Trojan that runs in RAM and has mostly been used for collecting banking credentials, especially for banks in Eastern Europe and the Russian Federation.
The hackers then stole login names and passwords for victims’ online bank accounts, especially accounts held at Sberbank, Russia’s largest bank in terms of assets held.
The criminal gang allegedly seeded some of Russia’s most popular websites with Lurk. Once infected, the malware downloaded more software modules, allowing the hackers to gain remote access to victims’ computers.
Sberbank helped the Russian authorities to conduct a large-scale operation in 15 regions of Russia and detain around 50 people; 18 of those are currently behind bars in Moscow.
All of the 50 suspects were charged with the development, distribution and use of malicious computer programs.