Cybercrime group steals millions from Russian banks, targets US and European retailers
A sophisticated group of cybercriminals has stolen over US$25 million by hacking into the infrastructure of numerous financial institutions in Russia and former Soviet Union countries, as well as into point-of-sale systems belonging to U.S. and European retailers.
Researchers from Russian cybercrime investigations firm Group-IB and Dutch security firm Fox-IT have dubbed the cybercriminal group Anunak, after the primary malware program in its toolset.
Unlike most cybercrime operations where attackers target the customers of financial institutions, the Anunak group targeted the institutions themselves, compromising their internal networks, workstations and servers. This access allowed them to transfer funds to accounts under their control and in some cases even to compromise ATMs, which they then used to withdraw money fraudulently.