Moscow based cyber security giant Kaspersky Labs says a Russian hacker gang of just 20 members has raked in $790 million by hacking into and emptying bank accounts around the world.
The company’s investigation unit head Ruslan Stoyanov says $509 million came from individuals and businesses in the U.S. and Europe, with the remainder from within Russia.
With the help of Kaspersky, Russian police have recently arrested 160 Russian cybercriminals using the virus trojan.s. The offenders range from lone wolves to members of large hacker gangs.
Stoyanov says the amount of estimated cash stolen is based on official crime data and therefore is likely to be on the conservative side.
“This estimate is based both on the analysis of public information about the arrests of people suspected of committing financial cybercrime in the period between 2012 and 2015 and on Kaspersky Lab’s own data,” Stoyanov says.
“Of course, this figure only includes confirmed losses, the details of which were obtained by law enforcement authorities during the investigation. In reality, cybercriminals could have stolen a much larger amount.”
Stoyanov, who used to be with the Kremlin’s cyber crime unit, says some hacks may not have been reported as the bank account owners may not want authorities to know amounts.
The Russian underground has recruited more than a thousand hackers since 2012. Kaspersky Labs has a lot of data on those individuals and says it knows of five major cybercrime groups that are right now ripping cash from consumers. He says the hacker gangs are made up of web designers, system operators, programmers, and “cryptors who obfuscate malware in ways that help it to evade security software”.
“Cybercriminal system administrators configure management servers, buy abuse-resistant hosting for servers, ensure the availability of tools for anonymous connection to the servers (VPN) and resolve other technical challenges, including the interaction with remote system administrators hired to perform small tasks,” he says.
Gang members are either paid wages or a percentage of what is taken, and are recruited through cyber forums or even through “brazen public advertisements that often target underprivileged techs in areas like war-torn Ukraine”.
“To a certain extent, the structure reflects that of an ordinary, average-sized company engaged in software development,” says Stoyanov.
In the last two years, Kaspersky Labs has investigated 300 online financial hack attacks.
Stay Connected