Cybercrooks slurp nearly $1m from Russian bank after pwning router at regional branch

Hackers stole almost $1m from a Russian bank earlier this month after breaching its network via an outdated router. PIR Bank was looted by the notorious MoneyTaker hacking group, according to Group-IB, the Moscow-based security firm called in by the bank to handle incident response. Funds were stolen on 3 July through the …

  1. Version 1.0 Silver badge

    Computers+dosh = theft?

    We read about this all the time, at what point will we come to the conclusion that while computers make it easier to get rid of humans in the workforce, they are costing everyone a lot of money. Sure, people steal too - but when people do it, it's a lot easier to catch them.

    1. Anonymous Coward

      'at what point will we come to the conclusion'

      The promised benefits from getting rid of humans for robots are pure Tech-Hype... The next generation of automation will bring eye-watering theft / fraud. More fallout from 'Swift' transfers etc!

  2. whoseyourdaddy

    Oh, that's terrible....

    Oh, it's them?

    Right on! Carry on then...

  3. Anonymous Coward
    Linux

    Russian Central Bank's Automated Workstation Client

    By any chance would this 'Automated Workstation Client' run on Microsoft Windows and was compromised by a malicious email attachment?

    MoneyTaker: 1.5 years of silent operations

    1. Voland's right hand Silver badge

      Re: Russian Central Bank's Automated Workstation Client

      By any chance would this 'Automated Workstation Client' run on Microsoft Windows and was compromised by a malicious email attachment?

      It is Automated. The most likely point of compromise was the data fed to it - any PC with appropriate access to the bank internal systems.

      1. Muppet Boss

        Re: Russian Central Bank's Automated Workstation Client

        Automated like in "with the help of a computer". A better translation would probably be an Automated Workplace of the Central Bank's Client (yup these guys are serious about names). This is just a Windows program, think of SWIFT Alliance Workstation (SAW). Search for "Рекомендации по настройкам АРМ КБР" to witness this funky bit of user interface for yourself. I would not be surprised if it was installed on a generic desktop inside the bank's shared LAN w/o any extra segmentation and with a few deferred Windows patches to ensure system stability; the bad hats would want to obtain access into the LAN by one of the various means and then it could be as easy as locating the correct PC, firing the scripts and letting their pet fintech boy spend some quality time.

  4. Frenchie Lad

    ATM's

    Can anyone explain how it's possible to take $1 million (or equivalent in Roubles for that matter) out of an ATM in a day? Surely this would require many a barren of mules and many ATMs.

    This could only have occurred abroad as luckily we have NatWest in the UK - the ATMs would just stop working or should I say TSB?

    1. katrinab Silver badge

      Re: ATM's

      If the withdrawal limit is eg $500 per day, then put the money in 1000 accounts, create 1000 cards for them, easy if they are magnetic, not so easy if the machines require chip cards, then withdraw $500 on each of them just before midnight and another $500 just after midnight.

    2. Anonymous Coward

      'how it's possible to take $1 million out of an ATM in a day?'

      I always wondered what's to stop all the mules just running off with money?

      1. MonkeyCee

        Re: 'how it's possible to take $1 million out of an ATM in a day?'

        "I always wondered what's to stop all the mules just running off with money?"

        Strong attachment to their family members, friends, limbs, life etc. Dislike of concrete shoes.

        If you're a professional crook, then both your reputation and patronage are much more important than a single "score". Even if you go on the lam, you'll be running for the rest of your life. Setting yourself up as an example to be made "pour encourager les autres" is bad wherever you are, but when working for OC it would seem pretty fatal. Probably painfully so.

        I'd also expect them to be working in a pair or small group, with some amount of collective responsibility.

      2. katrinab Silver badge

        Re: 'how it's possible to take $1 million out of an ATM in a day?'

        The mules buy the cards at a discount to their account value.

    3. MonkeyCee

      Re: ATM's

      "Surely this would require many a barren of mules and many ATMs."

      Depending on account limit, probably many mule accounts. No need for massive numbers of physical mules, since they can handle a few hundred cards each.

      There certainly have been cases where the mule card limits have also been raised/removed.

    4. Muppet Boss

      Re: ATM's

      There, one fully loaded ATM usually contains $30-80k in cash in the dollar equivalent. In a large shopping center there's often an ATM room with 10+ ATMs from various banks. Daily limits are between $1.5-10k for individuals. For commercial entities, e.g. a sole trader, can be $100k+. The news mentioned 17 banks. If every mule had accounts in all 17... not too many mules.

  5. Anonymous Coward

    Bbbbbut we're told the Russians are the boogie men....

    Head explodes.

    1. Adrian 4

      Re: Bbbbbut we're told the Russians are the boogie men....

      We have always been at war with Eurasia.

      Let us commence the two-minute hate of Emmanuel Goldstein / Osama bin Laden / Vladimir Putin

      It serves the government well to have enemies for the people to hate. It doesn't much matter who they are, as long as they're not the government.

    2. Alan Brown Silver badge

      Re: Bbbbbut we're told the Russians are the boogie men....

      What you tend to forget about mafia wars is that they tend to war with each other far more than anyone else. There might well be a bunch of thugs in the Kremlin but they don't have control of all the gangs in Russia, nor do they have control of all the chemical and other weapons - which should be scarier than governments having this stuff because governments by necessity are far more restrained from using them.

      The factor that someone in the White House is in deep to a large bunch of Russian money launderers shouldn't distract from the issue that there are several such bunches and they're not best buddies with each other.

      1. Anonymous Coward

        Re: Bbbbbut we're told the Russians are the boogie men....

        Funny how they're only Russians...

      2. Anonymous Coward
        Big Brother

        Re: Bbbbbut we're told the Russians are the boogie men....

        ".. There might well be a bunch of thugs in the Kremlin but .. The factor that someone in the White House is in deep to a large bunch of Russian money launderers shouldn't distract .."

        Not to mention parts of the Washington military industrial complex plotting to depose a duly elected President.

  6. This post has been deleted by its author
