The actual target of hackers was to steal (5 billion rubles) - $78 million - but due to the intervention of the central bank’s authorities, they only managed to get away with (2 billion rubles) - $31 million - . The bank’s authority reduced the intensity of the attack by redirecting the funds, said security executive of the central bank Artiom Sychev.
In the same incident, it was also identified that hackers also tried to steal cash from private banks and were partially successful. However, it isn’t yet confirmed by the central bank of Russia if hackers were trying to impact the worldwide financial system or not with this latest attack.
The idea comes from the analysis of Symantec Security’s researchers that there is a very dangerous hacking group dubbed as "LAZARUS", which is trying to bring down the global banking system. It is believed that the group is operating from North Korea. However, the involvement of "LAZARUS" in the attack on Russia’s central bank is not yet confirmed.
On Friday, the Russian government notified the press that there was an attempt by malicious cyber criminals to disrupt the trust that their public have on the national financial system, which was foiled by the concerned Russian authorities.
As per the investigations conducted (FSB), Federal Security Service of Russia, the hackers used a collection of computer servers based in the Netherlands to carry out the hack attack on Russian banks. Their objective is to destabilize Russian financial system. This sort of infrastructure is typically used to conduct a DoS (denial of service) attack. In such an attack, websites are flooded with huge data traffic and resultantly the sites’ operations are halted.
Furthermore, hackers planned to harm the otherwise positive reputation of Russian banks by spreading the fake news about their trustworthiness. In this regard, text messages and fake stories were posted on social media that alarmed the citizens questioning the financial stability and licenses to operate the banking system. FSB also identified that the computer servers were registered with a Ukrainian web hosting firm known as BlazingFast.
The attacks allegedly started in 5th December and were accompanied by a series of fake text messages and social media posts claiming that the Russia’s leading banks will soon be collapsed and the country’s financial system is nearing its downfall.
BlazingFast’s director Anton Onoprichuk stated that until now no intelligence agency has gotten in touch with the company and that he was awaiting further details to emerge from the ongoing investigation by the FSB in order to conduct its own analysis.
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}
