Today, Virus Bulletin published the paper we presented in Denver earlier this year titled Modern Attacks on Russian Financial Institutions. In this paper, we review the different actors targeting financial institutions in this region and which systems they are targeting.
Over the past few years, attacks against Russian financial institutions have increased substantially. One key aspect of this trend is the specialization of the threat actors. This is clearly visible in some of the attacks that are highlighted in our paper, such as the one targeting the ruble exchange rate. In this case documented by Group-IB, fraudsters were able to control a trading terminal, which they used to issue buy and sell orders for the Russian ruble.