Skip to main content

Wannabe Russian Bank Malware Attacked Millions Of Android Devices, Stole People’s Money


Android Cron Malware
A malware named Cron was deployed by a 16-membered hacker group in Russia which infected more than a million Android devices across the country by faking itself as banking apps. The hacker group was arrested last year before they could manage to affect banks in other countries.

Russia’s name was prominent on the list of the countries affected by the WannaCry malware. According to a report by Reuters, the nation was affected by another malware called ‘Cron’ which disguised itself as fake banking apps and pornography web clients. It got onto Russian users’ devices by finding a place in online search results.
The malware was created by a 16-memebered hacker group in Russia which also called themselves Cron after the malware. The first traces of malware date back to mid-2015 and on November 22, the core members of the group were arrested before they could target other countries.
A security research firm Group-IB was given the task of investigating the cyber attack. They revealed that the Cron malware affected more around 3,500 devices per day totaling to more than a million Android devices.
Sberbank, Alfa-Bank, and online payments firm Qiwi were among the affected firms. The prime task of the Cron malware was to pull funds from people’s bank accounts by sending text messages to the bank from the infected devices.
An amount up to $120 was transferred to one of the 6,000 fraudulent accounts. The hackers also made sure that user doesn’t get notified about the unwanted transfers by intercepting and blocking the confirmation SMS texts. In total, the malware managed to steal more than 50 million Rubbles ($892,000).
Before their arrest, the hacker group had further plans to expand the reach of their malware to other banks operating in Britain, Germany, France, US, Turkey, and others. According to Group-IB, in June 2016, the hackers subscribed to a $2,000/mo rental plan for a malware called ‘Tiny.z’ which was optimized by its creators to attack mobile banking systems in the respective countries.
Dmitry Volkov, the head of investigations at Group-IB, suggested two points that led to the success of Cron malware. “First, the large-scale use of partner programs to distribute the malware in different ways.”
“Second, the automation of many (mobile) functions which allowed them to carry out the thefts without direct involvement,” Volkov said in a statement.
Cyber attacks like these expose the dangers of the SMS-based payment systems deployed by the banks, according to Lukas Stefanko who is a security researcher at a Slovakia-based firm ESET. SMS-based banking is a handy option in regions where there is a scarcity of internet infrastructure.
“It’s becoming popular among developing nations or in the countryside where access to conventional banking is difficult for people,” Stefanko said.
“For them it is quick, easy and they don’t need to visit a bank… But security always has to outweigh consumer convenience.”
It’s not that banks in Russia have been a part of a cyber attack. Last month, a group hacker manages to steal $800,000 cash from Russian bank ATMs using a malicious program called Disappearing malware.
If you have something to add, drop your thoughts and feedback inside comments below.

Comments

WHAT'S HOT

Fappening 2.0 Continues: Modern Family Actress Sarah Hyland Has Become The Latest Victim Of Notorious Hackers [Private Photos, Video Leaked]

Modern Family actress Sarah Hyland has become the latest victim of notorious hackers. Her private pictures and video have been posted online on infamous website Celeb Jihad. According to media sources, Sarah’s lawyers are planning to take legal action against the websites who choose to publish the leaked material. Meanwhile, the actual powers behind the leak are unknown.

Fedora 26 Released with Biggest Features - Download Here

Fedora 26 is the latest version of Fedora operating system. This version ships with the default GNOME 3.24 desktop environment andLinux kernel 4.11.8. Fedora 26 also marks the release of a new spin in the form of LXQt desktop edition. The other major change is the Fedora

Supermassive Black Holes Found Orbiting Each Other For The First Time

Image Credit: UCR Researchers from Stanford University have identified super-massive binary black holes at the center of Galaxy 0402+379 about 750 billion light years away. The two of the black holes are just 24 light years apart and one of them is orbiting the other. This is the first

Samsung Overtakes Fitbit In Wearable Sales For First Time

Fitbit has been a top competitor on the global wearable market for a long time, but the South Korea giant Samsung managed to steal the silver crown of the wearable market from Fitbit. According to Strategy Analytics, Samsung gained the