Russian Hackers Target Cash Before Politics

Just as the scandal over alleged Russian hacking of the US Democratic Party erupted in June, police in Russia were rounding up a group known as Lurk. 

In the underground world of Russian hackers, a shadowland of anonymous internet forums where users exchange the latest malware, Lurk was legendary. 

The group, active since 2011, was accused of stealing some three billion rubles ($47 million, 42.5 million euros) from Russian banks and aspiring hackers were keen to join.

Then more than 50 members, most of whom hailed from the Urals city of Ekaterinburg, were arrested in a sweeping raid that entailed 86 probes in 15 regions across the vast country. 

But despite the eye-catching operation, the crackdown on Lurk only touched the tip of the iceberg of a lucrative criminal industry.  

Moscow-based internet security giant Kaspersky Lab has estimated that there are over 1,000 hackers in Russia specializing in financial crimes. 

Between 2012 and 2015, by the company’s conservative estimate, Russian-speaking hackers stole at least $790 million across the globe.

Meanwhile, this type of illegal activity is flourishing.  

“The number of financial cyber criminals is growing as the use of online banking rises,” explained Yury Namestnikov, the head of Kaspersky’s Russia research and analysis department. 

Adding to security woes are also the prevalence of smartphones — which are less well protected than computers — and the rise in “ransomware”, a technique that allows hackers to steal data and then ransom it back to the owner. 

“It is no secret that most of today’s crypto-ransomware has Russian roots, both in terms of the authors of the malicious code and of the actors who spread the malware and demand the ransom,” Kaspersky noted in a report.

– Soviet-style education –

For industry experts Russia’s dubious honour as a major power in the hacking world is no accident.

“We have good mathematics schools and Russians know how to code properly,” said Namestnikov. “What is special about the Russian hackers is that they have been active for so long.”

Artem Sychev is in charge of cyber security at Russia’s Central Bank and concurs that “Russian-speaking hackers were educated in the Soviet-style system,” whose emphasis on high-level maths and science continues today.

“They are most creative people, including unfortunately in the area of fraud,” he said.

– ‘Patriot hackers?’ –

The furore over the US election hacks has shone a spotlight on alleged ties between hackers and the Russian government.

Authorities in Washington have accused top-ranking Russian officials of directing attacks on the US aimed at undermining the election. 

CrowdStrike, the security firm that uncovered the hacking of the Democratic National Committee, said that the group behind it, Cozy Bear, was linked to Russian military intelligence.

Another group, Fancy Bear — which has hacked targets including the World Anti-Doping Agency — meanwhile has ties to the FSB spy agency, according to CrowdStrike.

Russia has dismissed the allegations and said US politicians are blaming Moscow in a bid to drum up their polling numbers. 

Local experts insist the vast majority of hacking in Russia is aimed at thieving cash — not interfering in politics.

“99 percent of internet pirates are looking to steal money,” said Ilya Sachkov, founder of Russian security firm IB-Group.

“There are no patriotic hackers.”

Even while the Kremlin is adamant in denying a role in any of the hacking scandals, the authorities are certainly struggling to tackle the issue — and often appear to turn a blind eye. 

“Unfortunately, for Russian-speaking cybercriminals current conditions are more than favourable: the risk of prosecution is low while the potential rewards are high,” wrote Kaspersky. 

As an example, Russian hacker Yevgeny Bogachev has a $3 million price on his head from the FBI. 

His network of hackers — which operated from Ukraine and Russia before being dismantled in 2014 — stole more than $80 million from victims mainly in the US.

Despite being wanted, Bogachev reportedly lives freely in the southern Russian city of Krasnodar.

Written By

AFP 2023
