UPDATE: Cobalt, Silence hackers steal 58 mln rbl from banks in 2018 – cbank

(Adds comments in last 2 paragraphs)

ST. PETERSBURG, Jul 5 (PRIME) -- Russian banks lost at least 44 million rubles from attacks of hacker group Cobalt in 2018 and at least 14.4 million presumably from group Silence, much less than in 2017, the central bank said on Friday in a report.

Cobalt orchestrated 23 hacker attacks on local banks in 2018 and Silence held 15 attacks, the regulator said.

Group Lazarus managed to withdraw from automated teller machines of local lenders big sums stolen from foreign banks successfully at least twice.

“FinCERT (the central bank’s information security arm) received information on 687 attacks, including 177 targets attacks on credit and financial institutions in 2018,” the document read.

The central bank registered 97 DDoS attacks and 413 non-target attacks in 2018.

Hackers started using services of the banks, which were earlier robbed, for mailouts of malware letters, the regulator said.

Company Positive Technologies said, as quoted in the report, “Three quarters of banks are vulnerable to attacks through social engineering methods. Bank employees follow links mentioned in phishing letters in 75%, in 25% of the banks they enter their account data into a faked form of authentication.”

“In 25% of financial institutions at least one employee makes malware run on their corporate computer. At that nine out of 10 advanced persistent threat groups use phishing at the stage of penetration.”

(63.4013 rubles – U.S. $1)

End