Russian hackers stole 860,000 euros from Raiffeisen Romanian bank in one night

Cozy Bear

According to securityaffairs reports, on one evening in 2016, a theft group successfully stole 3.8 million slopes (Romanian currency, equivalent to approximately 860,000 Euros) from 32 ATMs at the Romanian branch of Raiffeisen Bank in Austria.

After more than a year of investigation or hunting, the Romanian Organized Crime and Counterterrorism Office (DIICOT) has recently successfully arrested the gang leader, Russian hackers Dmitriy Kvasov.

According to DIICOT’s findings, the theft group formed by Dmitrii Cvasov and other criminals launched a spear-phishing attack on the Raiffeisen Bank’s Romania branch between August 9, 2016, and September 4, 2016. During the attack, they sent an e-mail to the bank’s employees with malicious RTF files.

The group disguised from the European Central Bank made the e-mail more convincing, and the malicious RTF file contained code that could trigger loopholes in the banking system.

After controlling the banking system, the gang gained full control of the ATM. This means that they can instruct the ATM to automatically “spill” cash until all cash has been emptied.

It is worth noting that these 32 ATMs are not concentrated in a single bank but are distributed throughout Romania. This includes cities such as Iasi, Bucharest, Suceava, Timisoara, Constanta, Ploiesti, Orasti, and Crevicia. In addition, this theft occurred on the same night and at the same time.

In Romania, investigations of such thefts are often conducted under confidential conditions. At the same time, the Bank’s management did not disclose more details about the case.

Source: securityaffairs