Law enforcement authorities in Russia have arrested an unnamed 32-year-old man who is believed to be part of a cybercrime ring that made up to $8,000 per day using Android banking Trojans.
According to Russia-based cybersecurity firm Group-IB, the suspect is an unemployed Russian national who had previously been convicted for arms trafficking. He was arrested earlier this month and reportedly already confessed.
The cybercrime group used a malicious Android app named “Banks at your fingertips” to trick the customers of Russian banks into handing over their financial information. The banking Trojan was disguised as a tool that claimed to allow users to access all their bank accounts from one Android app. It offered users the possibility to view balances, transfer money between payment cards, and pay for online services.
The malicious app, distributed via spam emails since 2016, instructed users to enter their card details, which were then sent to a server controlled by the attackers. The cybercrooks transferred between $1,500 and $8,000 per day from victims’ bank accounts, $200-$500 at a time. The criminal proceeds were laundered using cryptocurrencies.
The malware also helped the attackers intercept the SMS confirmation codes sent by banks, at the same time blocking all text messages confirming transactions in an effort to avoid raising suspicion.
While Russia has occasionally collaborated with Western law enforcement agencies to bring down global cybercrime operations, it has often turned a blind eye to the activities of hackers who have mainly targeted the United States.
Four Russian nationals are currently on the FBI’s Cyber Most Wanted list, including the alleged administrator of a massive cybercrime scheme involving the Zeus Trojan, and three people believed to have been involved in attacks on Yahoo that resulted in roughly 500 million accounts getting compromised.
The Russian government has defended some of the alleged hackers arrested by the United States – in one case Moscow accused Washington of abducting the son of a lawmaker.
On the other hand, the government has been known to crack down on cybercrime rings that target Russian citizens. Police have arrested 50 hackers believed to have used the Lurk Trojan, the creator of the Svpeng Android malware, and nine people who allegedly stole $17 million from bank accounts.