All news

Hackers attack dozens of Russian banks sending letters on behalf of Central Bank

The download of the files from the letters allowed attackers to gain access to the information system of the banks

MOSCOW, 16 March. / TASS /. Hackers attacked dozens of Russian banks by sending letters on behalf of FinCert on Tuesday, March 15, Kaspersky Lab said in a report on Wednesday.

FinCert is a structure of the Central Bank, which warns financial institutions of cyber threats.

"On March 15, dozens of Russian banks became targets of cyberattacks by means of sending malicious messages to electronic addresses of their employees. The peculiarity of this attack was that cybercriminals posed as FinCert, a special department of the Central Bank, created about a year ago to inform Russian banks on security incidents in the financial sector,"- according to the report.

The malefactors registered the domain name fincert.net, which allowed them to send letters from the addresses similar to the current address of FinCert.

Their letters contained alleged security files which in reality were malicious software. The download of the files allowed attackers to gain access to the information system of the banks.

The newsletters were sent as addressed mails - each letter started with the name of a specific recipient. Cybercriminals had collected a special database of contacts, presumably on the basis of the materials of industry conferences or official documents of a number of banks.

In late 2015-early 2016, the cyber police of Russia’s Interior Ministry prevented a series of cyberattacks that jeopardize the security of the entire country's banking system.

According to the police, fraudsters managed to "compromise" the largest international payment systems such as Visa and MasterCard. Criminals intended to steal about 3 billion rubles ($42 mln).