Through 2016-2017, Russian-language hacker group MoneyTaker has stolen approximately 72 million rubles from Russian banks, Group-IB, a company that deals with the prevention and investigation of cybercrime, confirmed in a statement.
The main targets for those hacking into banks are card processing systems, as well as inter-bank transfer systems – the Russian ARM CBD (automated workstation of the Bank of Russia client) and, presumably, the American SWIFT platform, experts say. The company notes that MoneyTaker have remained seemingly undetected for quite some time.
“It’s not just about the tools of deception the group uses, but also the apparent lack of a ‘signature’ that points to them specifically.”
“Another characteristic feature: after a successful attack, the hackers do not hurry to flee the crime scene, but continue to spy on a bank’s employees after hacking the corporate network by sending incoming messages to Yandex and Mail.ru in the format email@example.com,” adds Group-IB.
At the moment, information about the activities of the MoneyTaker group is directed by Group-IB to both Europol and Interpol.