Hackers stole $31 million from Russian banks in 2016, as FSB warns of foreign plot

Nyet again!

Graham Cluley
Graham Cluley
@[email protected]

Hackers steal $31 million from Russia's central bank

Update: Thanks to Aleks Gostev, a researcher at Kaspersky Labs, who has brought to my attention that Russia’s Central Bank has denied the media reports that it lost $31 million to hackers. Instead, the $31 million is said to be the total amount of money stolen by hackers from all Russian banks during 2016. Which is, one must admit, quite a different story.

The original article is included below for transparency.

Reuters reports:

Sign up to our free newsletter.
Security news, advice, and tips.

Hackers stole more than 2 billion rubles ($31 million) from correspondent accounts at the Russian central bank, the bank said on Friday, the latest example of an escalation of cyber attacks on financial institutions around the globe.

Central bank official Artyom Sychyov discussed the losses at a briefing, saying that the hackers had attempted to steal about 5 billion rubles.

Around $26 million of the stolen funds have been recovered by freezing bank accounts that the hackers were using to squirrel away the cash.

Details of precisely how the heist was conducted have not been revealed, but there has been quite a history of hackers attacking Russian banks by targeting e-payment systems, installing malware on ATM management infrastructure, amongst other techniques.

And it’s not just a problem in Russia. As we have previously reported, malicious hackers have been busy targeting financial organizations – and specifically users of the SWIFT banking network – stealing hundreds of millions of dollars in the process.

Meanwhile, the Financial Times curiously reports that Russian security services have warned that it has uncovered a plot to abuse text messaging services and social networks in an attempt to trick Russians into believing that major financial institutions are on the brink of bankruptcy.

The warning, posted on the FSB’s website, claims that the attack was planned by a unnamed foreign country for Monday December 5th, and is designed to provoke a run on the banks.

All of which underlines the importance of trust. Financial panics, bank runs and huge robberies only contribute to shaking the trust of consumers and businesses in banks.

If we can’t trust banks, with all of their resources, to protect money from falling into the hands of online thieves – who can we trust to do a decent job?

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.