Law enforcement in Russia have carried out the largest ever arrest of hackers in the country after rounding up 50 people that were allegedly responsible for stealing more than $25 million from Russian financial institutions. Russia’s Interior Ministry and Federal Security Service (FSB) carried out raids across the country that seized computer equipment, financial documents, and stockpiles of cash along with the arrests.
There were at least six banks that were targeted: Metropol, Metallinvestbank, Regnum, and Russian International Bank. The gang is thought to have stolen the money using Lurk, a malicious Trojan that was injected to several popular Russian websites. Anyone who visited one of these sites were infected. Once on a computer, Lurk then downloaded more malware which allowed the criminals remote access and to ultimately steal banking credentials. Eventually, they were able to get access to systems within the banks themselves.
Kaspersky labs helped profile the cyber thieves’ servers and computer network by analyzing their malware. Doing so put a halt to additional money transfers that would have netted the gang an additional $35 million.