Center for Strategic Assessment and forecasts

Autonomous non-profit organization

Home / Economy and Finance / The financial system of a new era / Articles
Hackers have created their own payment system to steal money from all the banks
Material posted: Publication date: 06-05-2016
Hackers tried to steal 1.5 billion rubles, which is about 1% of the total profit of Russian banks in 2015. For this, they have registered a payment system abroad.

The threat to banks

Law enforcement bodies managed to stop in 2015 attempt large-scale theft of money from almost all banks of Russia. This was stated by the head of the "K" in combating crimes in the field of computer security, the Ministry of internal Affairs of Russia Alexey Moshkov, reports "Interfax".

Control "To" prevent theft in the past year in the amount of 1.5 billion rubles, told RBC head of the press service of the "K" Alexander Vurasko. It's almost 1% of the total banks ' profits in 2015 (192 billion). The amount of actual damage is estimated at 400-600 million rubles., but it can grow, as it is declared new victims, and added Vurasko. Hackers have developed about hundreds of different schemes for the embezzlement of funds from the accounts as the banks themselves and their customers. "They have compromised the international payment system — they found the vulnerability and wrote software that would allow to generate fraudulent payment documents, but the use of this software failed to stop," says Murasko.

Visa payment system and its VisaNet processing network have not been compromised, said in response to the press-service Visa to a request to RBC. "We think the examples referred to by the representative of the interior Ministry, relate to third-party processing companies that are not related to Visa. So we can't comment on them", — said in response.

According to Vurasko, hackers nearly paralyzed the banking system, compromising the system of exchange of interbank messages (the most used by the Russian banks from the international system SWIFT, but the interior Ministry did not disclose information, it is or not).

To withdraw funds from the accounts of hackers created and registered its own payment system. As said, Vurasko, it was registered in the foreign jurisdiction and comply with all international standards. "It is possible that the necessary registration documents, the hackers sent an e-mail, in some countries the registration mode allowed," he said.

Source RBC in one of the international payment systems suggests that the system could be registered in one of the countries of the CIS. "The legislation of Europe and the United States does not provide for registration of payment systems," he adds. Source via another payment system says that in Asian countries such a regime is not.

The staff of the Ministry of internal Affairs detained a criminal group in November last year. However, in January of this year, two major Russian Bank was again attacked by hackers. It was a new group, but it was associated with arrested in November and consisted of 40-60 people. "Hackers attacked two banks from the first hundred, processing centers of banks gave commands to transfer funds from the accounts, money began to leave the millions, and the Central Bank even had to turn these banks from BESP," says Murasko. Members of this group also was detained.

The ideologist of the criminal group — 30-year-old Muscovite with a higher education, his name, MIA did not disclose in the interests of the investigation.

Hackers come

Representatives of the MIA say that if before the hackers stealing the money mostly customers of the banks, but now they are developing such programs, which allow you to write off money from the accounts of the banks themselves, which they have opened, for example, in other banks.

According to the Central Bank, in 2014 from the accounts of citizens and companies, the hackers wrote off 3.5 billion roubles From cards, the scammers off of 1.58 billion. Most of this amount (over 1 billion rubles.) scammers stole via the Internet Bank and mobile application. Amount of fraudulent transactions made through remote service channels, increased by 44.8%. At the end of 2015, the savings Bank has estimated Russia's losses from cybercrime at $1 billion, and as said the first Deputy Chairman of the Bank, Lev Khasis, the justification for reducing the damage from such crimes there.

In the beginning of this year Digital Security company released a survey, in which experts predicted that in 2016, the banks and their customers will face an increase in hacker attacks — will increase the number of attacks on users using the so-called social engineering, where the fraudsters stimulate users to set their own malicious software. Also in 2016 there will be an increasing number of attacks on customer accounts through attacks on banks themselves, predicts the company. The attacker can capture various internal systems, including payment systems, payment platforms for public services, mobile communication, Internet. "The seizure of control over such a platform will allow customers to withdraw money from the electronic wallets", warned earlier the Director of audit security Digital Security Alexey Tyurin.


Tags: finances

RELATED MATERIALS: Economy and Finance
Возрастное ограничение