Last week, Tripwire explored the story of Brandon Bourret and Athanasios Andrianakis, two men who developed an app that scans Photobucket users’ private photo albums in search of naked selfies.
We now report on a pair of twin Russian hackers who allegedly gained unauthorized access to more than 7,000 Russian bank accounts using social engineering techniques.
The siblings, whose names have yet to be revealed to the public, allegedly masterminded a criminal plot that targeted customers of state-owned Sberbank, Russia’s biggest financial organization, as well as other large national banks.
After visiting a compromised website, a victim would be infected by banking Trojans controlled by the twins, reports Forbes. This malware would then display a fake login page whenever the user attempted to sign into a bank account, which enabled the hackers to steal their username and password.
To obtain the user’s SMS code, which many large financial organizations around the world require in order to authorize a transfer of funds, the twins employed social engineering techniques. These tactics included calling the victim while posing as a bank representative in an attempt to convince the user into giving the twins their SMS code, as well as leading them to another fake website where they would be asked to enter in their authorization number.
In total, the twins were able to gain unauthorized access to more than 7,000 Russian bank accounts between 2013 and 2015, reveals a statement issued by the Russian Ministry of Interior Affairs. Each compromised account yielded 70,000 rubles ($1,320) on average, but some yielded as many as 1 million ($19,000). In some months, the hackers stole as much as 1.5 million rubles ($28,300).
It is believed that the twins made as much as $250,000 in less than two years using their scam.
During their ongoing criminal activity, the hackers were all the while on probation for previous fraud-related crimes. They therefore went to great lengths to avoid being caught by local law enforcement again, which included purchasing an armored door for their their apartment and and an electromagnetic transducer to make data on their computer equipment inaccessible.
But these measures did not deter law enforcement authorities. For three years, the Russian Ministry of Internal Affairs along with the Federal Security Service of the Russian Federation (FSB) and Group-IB, a Russian computer-intelligence firm, collected evidence on the twins’ activities.
Their efforts culminated in the events of May 20, when local law enforcement arrived at the twins’ apartment, broke down the armored door, and arrested the hackers before they had a chance to dispose of the evidence and cash.
A number of associates were also detained in the sting. These persons’ names also have yet to be identified.
It is believed that the criminals are now awaiting trial.