Hackers stole more than 1 billion rubles ($17 million) from Russian banks, a central bank official said on Tuesday.
Central bank Deputy Governor Dmitry Skobelkin told an information security conference in the Russian city of Magnitogorsk that 21 “waves of attacks” had been recorded in 2017. The hackers were using the Cobalt Strike security-testing tool, Skobelkin said.
Russia is under intense scrutiny over cybercrime following allegations hackers backed by Moscow have attacked targets in the United States and Europe, accusations the Kremlin has repeatedly denied.
According to Reuters, Russian authorities are now keen to show that the country, too, is a frequent victim of cybercrime and that they are working hard to combat it.
“More than 240 credit organizations were hit by the attacks, 11 of which were successful. The amount stolen was more than 1 billion roubles,” the deputy governor said.
Cobalt Strike is a security tool used to test the strength of an organization’s cyber defenses, but it has also been used by hackers to attack banks in Russia and Europe.
A group known as Cobalt because of their use of the tool attacked money machines in more than a dozen countries in 2016, using the malicious software to force the ATMs to spit out cash.
Skobelkin said the Russian central bank had sent warnings to more than 400 organizations which were targeted by the Cobalt group last year.
According to a report by the information security company Positive Technologies, before attacking banks, Cobalt pre-hacks the infrastructure of their partners – a quarter of all their attacks are accounted for by state institutions, telecommunications operators, and medical industry companies.
“Attacks on non-financial organizations are carried out with a view to preparing a springboard for subsequent attacks on banks. For example, attackers can send phishing emails on behalf of the regulator or a partner of the bank for which he provides services,” the report says.
