Russian Authorities Take Out World’s Largest Banking Botnet

Tuesday, June 26, 2012



Russia’s Ministry of the Interior (MVD) announced on Friday that its computer crimes division, “Department K”, took down what could be one of the largest botnets in the world.

The botnet encompassed approximately 6 million devices, 4.5 million of them computers.

After a 10-month investigation, Russian authorities arrested a 22-year-old Russian who seemed to be the creator of the botnet:

"The operative and investigative activities conducted revealed that the criminal activities were committed by a 22-year-old young man who is widely known in the hacker community under the nicknames of 'Germes' and 'Arashi'."

"The young man was not only developing bot-networks and massively distributing malicious programs but also personally took part in stealing funds from accounts of individuals and legal entities."

The suspect worked with a group of partners, and together they stole over 150 million rubles ($4.5 million) using banking botnets:

"The criminal’s target was computers with the software “Bank-Client” installed on them. To infest them and further steal funds, he used programs such as Carberp of various modifications. Having obtained logins, passwords and digital signatures in this way, he transferred money allegedly on behalf of citizens and organizations to accounts of shell companies. Further on, the funds were transferred to plastic card accounts and cashed in automated teller machines."

According to the report, almost all of the infected devices were located within the Russian Federation.

