Skip to main content

Russian bank hit in major cyberattack

(Image credit: Image source: Shutterstock/alexskopje)

One of Russia's largest banks has been hit by a significant online attack.

The assault on Russia's PIR Bank was (most likely) carried out by a group called MoneyTaker, according to reports, with some $900,000 taken in the heist.

According to the reports, the attack started in late May, when the group managed to compromise a bank's router. Through the router, it entered the network and found a computer which it could compromise and use to cash out.

After that, it used paid helpers, AKA mules, to syphon out money from ATMs. This took place on July 3.

The bank allegedly spotted the syphoning as it was taking place and partially managed to stop it, but it couldn't recover much of the funds.

"Attacks on AWS-CBR are difficult to implement and are not conducted very often, because many hackers just cannot work on computers with AWS-CBR successfully," Valeriy Baulin, head of Group-IB's digital forensics lab, told the BBC.

"A 2016 incident, when МoneyTaker hackers withdrew about $2m using their own self-titled program, remains one of the largest attacks of this kind," he added.

The MoneyTaker gang seems to be notorious and well-known when it comes to stealing cash from banks and companies. Last year, the group was suspected of stealing some $10 million from Russian, American and UK companies.

Image source: Shutterstock/alexskopje