Menu
Menu
Hackers stole millions from Russian banks with Cobalt Strike

Hackers stole millions from Russian banks with Cobalt Strike

"Waves of attacks" using Cobalt Strike recorded in 2017

Hackers stole more than 1 billion roubles (US$17 million) from Russian banks using the Cobalt Strike security-testing tool in 2017, a central bank official has revealed.

Russia is under intense scrutiny over cyber crime following allegations hackers backed by Moscow have attacked targets in the United States and Europe, accusations the Kremlin has repeatedly denied.

Russian authorities are now keen to show that Russia too is a frequent victim of cyber crime and that they are working hard to combat it.

Central bank Deputy Governor Dmitry Skobelkin told an information security conference in the Russian city of Magnitogorsk that 21 "waves of attacks" using Cobalt Strike had been recorded in 2017.

"More than 240 credit organizations were hit by the attacks, 11 of which were successful. The amount stolen was more than 1 billion roubles," he said.

Cobalt Strike is a security tool used to test the strength of an organization's cyber defenses, but it has also been used by hackers to attack banks in Russia and Europe.

A group known as Cobalt because of their use of the tool attacked cash machines in more than a dozen countries in 2016, using the malicious software to force the ATMs to spit out cash.

Skobelkin said the Russian central bank had sent warnings to more than 400 organizations which were targeted by the Cobalt group last year.

(Reporting by Jack Stubbs; Editing by Katya Golubkova and Susan Fenton)

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securitycyber securityrussiabanks

More about FentonStrike

Show Comments