A Russian-speaking hacking group has managed to steal nearly $10m (£7.5m) from more than 20 companies in Russia, the UK, and the US in the past two years.

According to a report by the firm Group-IB, the group, MoneyTaker, has primarily targeted card processing systems, removing overdraft limits on debit cards and taking money from machines.

“This is a sophisticated group of hackers,” Dmitry Volkov, head of Group-IB, tells Newsweek. “MoneyTaker managed to gain access to isolated segments of critical banking systems using tools, tactics, and trace elimination techniques that enabled them to go unnoticed for a long period of time.”

The investigation was carried out by Group-IB with the help of both Europol and the Russian government.

The reports suggest that the documents could be used by the hackers to carry out future attacks.

“MoneyTaker continues to pose a ,” Volkov says. “Given their propensity to change target-region after a series of successful attacks, and taking into consideration their interest in Latin American-focused systems, we predict this may be a future target for the group.”

The majority of the victims were small community based in the U.S., and the average cost of a successful attack was estimated to be $00,000.

“The success of replacement is due to the fact that at this stage the payment order has not yet been signed, which will occur after payment details are replaced,” the researchers say. “In addition to hiding the tracks, the concealment module again substitutes the fraudulent payment details in a debt advice after the transaction back to the original ones.”

“This that the payment order is sent and accepted for execution with the fraudulent payment details, and the responses come as if the payment details were the initial ones,” Group-IB added. “This gives cybercriminals extra time to mule funds before the theft is detected.”

The researchers have handed over details of the attacks to law enforcement.


