Russian hackers use malware to manipulate Russian currency value
It is well known that hackers are interested in stock and the currency markets. In August, 2015, FBI had managed to infiltrate and bust a $30 insider trading racket with international hackers who hacked into the computer systems of wire service providers like PRNewswire Association LLC, Marketwired and Business Wire, a unit of Warren Buffett’s Berkshire Hathaway Inc. Once they had access to the servers, the hackers had access to the press releases issue by firms listed on DJIA and NASDAQ before the same was made public. Using this insider information, the gang members entered in profitable trades on the stock exchange.
Now Russian hackers have managed to up the ante by allegedly jacking up the Ruble-Dollar exchange rates for a whole 14 minutes to make handsome profit from the exercise.
The hackers used malware to infiltrate a regional Russian bank and manipulate the ruble-dollar exchange rate by more than 15 percent in minutes, according to a cybersecurity firm investigating the attack. According to the researchers hackers used a virus called Corcow Trojan to accomplish their nefarious task.
Corcow trojan has reportedly infiltrated 250,000 computers worldwide and infected over 100 financial institutions. Anti-virus softwares are not effective against the Corcow Trojan, which can hide undetected in a bank’s systems for more than six months.
The hackers used Corcow Trojan to open a backdoor into Kazan-based Energobank’s systems in February 2015, and then place over $500 million in orders at non-market rates, Group-IB told Bloomberg.
The swing in the exchange rates was immediately noticed by Russian central bank and it has started an investigation into possible market manipulation.
“This is the first documented attack using this virus and it has potential to do much more damage,” said Dmitry Volkov, the head of Group-IB’s cyber intelligence department. “Once the malware has penetrated a local network, it is sophisticated enough to infect computers that are even not connected to the Internet.”
The Moscow Exchange has said that its systems were not hacked in the incident. A separate investigation by the central bank found no evidence of currency manipulation, blaming the swing — which lasted 14 minutes and caused the exchange rate to fluctuate from 55 and 66 rubles per dollar — on traders’ mistakes.