Russian Authorities Cracked large Cyber Gang Last Month

Nakedsecurity.sophos.com reported during first week of June 2015 stating that the Interior Ministry of the Russian Federation and the country's Federal Security Service (FSB) detained members of a phishing crew based at St. Petersburg last month saying that the gang stole over 12 million rubles (about $218,000 or 141,000Pound as per the present exchange rate) from hundreds of bank accounts.

As per a statement of the Interior Ministry of Russia, two leaders of the gang were already on probation for similar fraud-related crimes at the time of investigation of the gang by authorities for a net-banking phishing scheme which compromised accounts of 7000 customers.

So far, authorities have recognized 264 victims, who lost an average of seventy thousand rubles ($1271/824Pound).

The Ministry has not disclosed the name of the two arrested gang leaders or their accomplices but they have released some interesting facts about them and their scam.

Forbes website cited a clue from a Russian cyber-security company Group-IB while reporting that the two gang chiefs were twins and their victims were mainly patrons of renowned Russian bank Sberbank, and other national banks.

The brothers would compromise Russian computers with malware designed to embezzle passwords for online banking.

However, the crooks accessed the bank account of the victim but they needed to bypass the mechanism of one-time-password (OTP) which was implemented by the financial institution to safeguard its clients from fraudulent transactions.

The codes are temporary and are generated by a physical device or sent by the bank to mobile phone of the client through short messaging service (SMS).

The twins resorted to cold calling the victims and introduced themselves as bank employees to collect the temporary password. Under this pretext, they would request for SMS one-time-password which allowed them access to the accounts in trying to drain them.

Group-IB said that they took three years to collect evidence against twin brothers.

While searching the flat of the twins, it became clear that criminals were well prepared for emergence of law enforcement: Group-IB said that the apartment had unbreakable door, electromagnetic transducer to demolish computer equipment and prepared special SMS alerts to covertly inform other members of the gang to annihilate any evidence.

» SPAMfighter News - 6/25/2015