Skip to main content

Wannabe Russian Bank Malware Attacked Millions Of Android Devices, Stole People’s Money


Android Cron Malware
A malware named Cron was deployed by a 16-membered hacker group in Russia which infected more than a million Android devices across the country by faking itself as banking apps. The hacker group was arrested last year before they could manage to affect banks in other countries.

Russia’s name was prominent on the list of the countries affected by the WannaCry malware. According to a report by Reuters, the nation was affected by another malware called ‘Cron’ which disguised itself as fake banking apps and pornography web clients. It got onto Russian users’ devices by finding a place in online search results.
The malware was created by a 16-memebered hacker group in Russia which also called themselves Cron after the malware. The first traces of malware date back to mid-2015 and on November 22, the core members of the group were arrested before they could target other countries.
A security research firm Group-IB was given the task of investigating the cyber attack. They revealed that the Cron malware affected more around 3,500 devices per day totaling to more than a million Android devices.
Sberbank, Alfa-Bank, and online payments firm Qiwi were among the affected firms. The prime task of the Cron malware was to pull funds from people’s bank accounts by sending text messages to the bank from the infected devices.
An amount up to $120 was transferred to one of the 6,000 fraudulent accounts. The hackers also made sure that user doesn’t get notified about the unwanted transfers by intercepting and blocking the confirmation SMS texts. In total, the malware managed to steal more than 50 million Rubbles ($892,000).
Before their arrest, the hacker group had further plans to expand the reach of their malware to other banks operating in Britain, Germany, France, US, Turkey, and others. According to Group-IB, in June 2016, the hackers subscribed to a $2,000/mo rental plan for a malware called ‘Tiny.z’ which was optimized by its creators to attack mobile banking systems in the respective countries.
Dmitry Volkov, the head of investigations at Group-IB, suggested two points that led to the success of Cron malware. “First, the large-scale use of partner programs to distribute the malware in different ways.”
“Second, the automation of many (mobile) functions which allowed them to carry out the thefts without direct involvement,” Volkov said in a statement.
Cyber attacks like these expose the dangers of the SMS-based payment systems deployed by the banks, according to Lukas Stefanko who is a security researcher at a Slovakia-based firm ESET. SMS-based banking is a handy option in regions where there is a scarcity of internet infrastructure.
“It’s becoming popular among developing nations or in the countryside where access to conventional banking is difficult for people,” Stefanko said.
“For them it is quick, easy and they don’t need to visit a bank… But security always has to outweigh consumer convenience.”
It’s not that banks in Russia have been a part of a cyber attack. Last month, a group hacker manages to steal $800,000 cash from Russian bank ATMs using a malicious program called Disappearing malware.
If you have something to add, drop your thoughts and feedback inside comments below.

Comments

WHAT'S HOT

Learn How To Download Videos From Popular Platforms Such As YouTube, Facebook, Twitter, Instagram And Any Others

Having trouble downloading that video your crush shared on Instagram or one of those adorable cat videos on YouTube? Refer our guide to learn how to download videos from popular platforms such as YouTube, Facebook, Twitter, Instagram and many others.

Microsoft Has Released The First Windows 10 Build 16353 For Insiders

As Fall Creators Update is nearing its release, Skip Ahead was announced last month. It enables fast ring users to continue receiving new features, though the RS_PRERELEASE

Amazon Cuts Huawei Watch 2 Price To $194.99

Huawei's latest smartwatch has received a temporary price cut in the United States. There is no word on how long the promotion will last, but those interested

Apple Has Confirmed The LTE Issues With Its New Watch Series 3

Before the product starts shipping on Friday, Apple has confirmed the existence of LTE issues with its new Apple Watch Series 3. Reviewers noted the wearable has