Russian police conduct massive hacker arrests

News by Eugene Gerden

Russian police arrest hacker group suspected of unauthorised access to the accounts of about a million users of Russian online stores and cashing out their bonus points.

The Russian police are reported to have completed a successful operation which resulted in the arrest of a hacker group suspected of unauthorised access to the accounts of about a million users of Russian online stores and other servers.

The report has been confirmed to SC Magazine UK by representatives of the "K" department of the Ministry of Internal Affairs of Russia, which specialises in the fight against cyber-crime.

The suspected hackers were charged under part 2 of Art. 272 of the Criminal Code of the Russian Federation ("Illegal access to computer information"), which provides for up to four years of imprisonment.

According to the Russian Kommersant business paper, citing  Group IB, the arrested hackers specialised in cracking the accounts of  people who participated in loyalty programmes run by online stores, online taxis, payment systems and betting companies. The average number of bonus points on these accounts was equivalent to about RUB 6,000 (£75) per account.

Total losses caused by the activities of the hacker group has not been disclosed, however, according to some sources in the Russian Ministry of Internal Affairs it is believed to be in the range of £20 million to £40 million.

Initial investigations began in November 2015 after a massive cyber-attack on the site of a large online store in Russia. Experts at K department told SC Magazine UK that the investigation discovered hackers had collected the compromised credentials and data from various Internet services on hacker forums and, with the help of special programs, automatically scanned passwords for these credentials.

If the logins and passwords matched, they hacked into the user account, checked the amount of accumulated bonuses and sold the accounts on hacker forums at a price of £4 per account or 10 to 30 percent of the nominal balance of the account. Buyers subsequently used them to pay for product bonuses.

Sergey Lupanin, head of the Investigation Department of Group-IB said the  scale of the activities of hackers is a consequence of the careless actions of users of online services toward the protection of their accounts.

He also added that uniform and weak passwords for accessing accounts in different online services simplify the task of the attacker so that once the combination is identified it becomes "the key to all the doors", explains Lupanin.

Overall, the number of cyber-attacks in Russia increased by almost one third in the first quarter of 2018 on a year-on-year basis. At the same time, the share of attacks intended to obtain information is steadily increasing, in contrast to attacks aimed at immediate enrichment. The data is resold on the black market or used for further attacks.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews

Interview - Everyone has an Achilles heel: The new security paradigm

How can we defend networks now that the perimeter has all but disappeared?
Brought to you in partnership with ExtraHop