The Russian Central Bank has withdrawn licenses from at least three banks who are alleged to have hired hackers to break into their own systems and empty out depositors' account, secretly giving the money back to the bank less a commission.
Georgy Luntovsky, first deputy chairman of Russia's Central Bank, alleges that the practice is widespread and "many" banks have done it.
According to data from the Russian Central Bank, in Q4 2015 alone cyber-attacks resulted in the theft of more than 1.5 billion rubles (US$ 20 million) from the accounts of clients at some Russian banks and there is a strong suspicion that these attacks could have taken place with the knowledge of these banks and even with their direct participation.
Criminals were able to cash funds using real credit cards, making thousands of anonymous bank transfers and falsifying accounting details of the banks' counterparties.
At the same time, according to data provided by the Central Bank to SC, in addition to fake cyber-attacks on Russian banks, this year the number of cyber-attacks on non-credit financial institutions has also increased.
Russian bank licences revoked for using hackers to withdraw funds
[Eugene Gerden/SC Magazine]
(Image: Russian President Putin visits a Moscow branch of Sberbank, November 2001
, CC-BY)
