Two Russian cybercriminals are in police custody after accusations linking them to an Android malware campaign surfaced earlier this week. According to a blog post by Russian security firm Group-IB, whose assistance was pivotal in tracking down the hackers, Sberbank first detected the fraud against its customers in late 2013.
Based on a common Russian SMS phishing scam that uses malicious links promising “romantic gifts,” this more insidious attack was able to access users' mobile banking information and steal funds directly from their accounts.
The two twenty-something hackers had been arrested earlier this year in the city of Archangel by officers from the Russian Ministry of Internal Affairs.
Group-IB CEO, Ilya Sachkov, spoke to the media about the incident: “At a request by Sberbank, Group-IB provided support to the investigations in all the stages. Our security incident response centre CERT-GIB closely monitored and promptly blocked new malicious resources.”
Accordingly, the criminals' computer hardware, seized during the arrest, was also handed over to Group-IB's forensic lab for investigation and the collection of additional evidence.