ESET Researchers Offer Breakdown of Threats on Russian Financial Institutions in their Latest Paper

The recent ESET paper, Modern Attacks on Russian Financial Institutions, presented at the Virus Bulletin conference in Denver this past October is now available to the public. The paper offers a breakdown of the many APTs in Russia, focusing on trends in attacks against financial institutions – of which there are more than 600 – and analyzes many of the criminal groups operating in this area.

Recently, the Central Bank of Russia reported that criminals attempted to steal RUB 2.87 billion from Russian financial institutions. According to their report the AWS CBC (Automated Working Station of the Central Bank Client software) was attacked. However, some have mistakenly assumed, that the Central Bank of Russia was the primary target of the attack.

“The confusion arose from the fact that a few publications claimed that the central bank of Russia was the victim of this theft. However, during this type of attack, money is stolen from banks using AWS CBC, not from the Central bank,“ explains Jean-Ian Boutin, Malware Researcher at ESET. 

Attacks on the AWS CBC are one of the many types of attacks we highlighted in Modern Attacks on Russian Financial Institutions. “We also discuss attacks on ATMs, card processing systems, SWIFT terminals and trading terminals,” concludes Boutin.

For more in-depth information please visit ESET’s newspage