Russian Cyber-Criminals Plunder US $790 Million in Three Years, Says Report

Published: 23 November 2015

"There are more Trojans out there."

By Stella Roque

A group of 160 Russian cybercriminals netted over US$ 790 million worldwide between 2012 and 2015, according to a new report by Ruslan Stoyanov, head of investigations into computer incidents at Kaspersky Lab cybersecurity firm.

Stoyanov stressed that the figure is made up only of losses that have been confirmed by law enforcement. The real sum may be much higher, since the exact number of groups operating across Russia and Eastern Europe remains unknown.

“There are a lot of active groups now, and the total damage caused by them is much higher,” a Kaspersky spokesman told the OCCRP.

Earlier this year, the firm reported on the activities of the Carbanak cybergang, who pulled off a US$ 1 billion heist in an unprecedented series of digital bank robberies in Ukraine.

In the newest report, Kaspersky’s investigation team claims to have identified five major cybercrime gangs of 10 to 40 people each that specialize in financial crimes.

Their targets reportedly included Russia, the US, the UK, Australia, France, Italy and Germany.

Stoyanov said that those from disbanded criminal groups go on to work for new groups.

Arrests of Russian-language cybercrime suspects rose in 2015. However, organized crime groups have reportedly recruited another 1,000 new people to build digital infrastructures and write and distribute malware code to steal money and stash it away.

“One of the most common types of cybercrime [is] the turnover of stolen payment card data,” said Stoyanov.

“[Distributed denial of service, DDoS] attacks and financial cybercrime have become especially popular with the fraudsters whose main targets are users’ payment data or the theft of money directly from user accounts or companies,” he added.

The criminals are recruited either through criminal websites or job adverts in mainstream media for full-time staff or project-basis freelancers who may or may not be aware of their role in illegal activities.

Stoyanov said the criminals often recruited people who seemed new to cybercrime.

Kaspersky’s computer incidents team has investigated more than 330 cybersecurity cases since 2013, and has linked more than 95 percent of them to the theft of money or financial information.

The report lists a series of major Trojan horse virus attacks in the past few years as well as digital bank robberies launched by groups such as Carberp and Carbanak.

“There are more Trojans out there,” warns the report.