According to experts, a year ago Russian-speaking hackers introduced a virus known as a Trojan Cork to system Energobanku of Kazan. They led to the execution of orders of foreign currency worth over $ 500 million after non-market rates. Within a few minutes they caused a change in the exchange rate of the ruble to the dollar by more than 15 percent. This provoked a reaction of the central bank of Russia, who ordered the investigation of potential market manipulation.
Group-IB, which explored the mechanism of the attack on behalf of Energobanku announced that the software used for running the test can get into your system through seemingly safe websites or files. What’s worse, Trojan Korkowa regularly updated, making it invisible to antivirus programs. As a result, it infected 250 thousand. computers around the world and over 100 financial institutions, argues Group-IB.
– This is the first documented attack using the virus and has the potential to make a major damage – said Dmitry wolves, the head of the cell recognition in the Group-IB. – When malware penetrate the local network is intelligent enough to infect computers that are not even connected to the Internet – he added.
The Moscow Stock Exchange announced that its system is not compromised during the incident in February 2015. In its investigation, the central bank said Russia is not manipulating the exchange rate. He stressed that the fluctuations could be due to trader error.
The increased volatility in the currency market lasted 14 minutes. The exchange rate of the ruble to the dollar fluctuated during this period between 55 and 66 rubles, which significantly differed from the dominant market rate.
Energobank claimed last year that suffered 244 million rubles ($ 3.2 million) losses on transactions ordered by the malware. But there is no evidence that hackers earned on these operations. Group-IB warned that he could be the only test against future attacks. The company also said that the same virus was used in August last year, during the attack on the Russian payment card scheme, which resulted in ATMs were stolen hundreds of millions of rubles.
No comments:
Post a Comment