Gang Responsible For Android Banking Malware Busted By Police
A gang that goes by the name of 'Cron' was recently looking to add some new members to its organization in order to increase its numbers and strength. In a rather dumb move, the gang ended up posting a help wanted ad on an underground hacking forum in the hopes of getting some attention.
Instead, the group's ad was spotted by the security firm Group IB and the Russian law enforcement agency. This led to a series of raids by the authorities, which resulted in 20 arrests and the recovery of hundreds of computers, numerous payment cards and many SIM cards that were registered to different fake IDs.
The Russian authorities are known to be lenient towards local cybercriminals unless they start targeting their own country and countrymen. This is exactly what 'The Cron' ended up doing. According to a report by Group IB and the Russian Military, the gang used a tried and tested technique against its targets.
The gang would distribute trojanized versions of banking apps and other popular mobile apps in order to log the credentials of the user. Once the app was installed on the target's phone, the Trojan would look for login credentials and two-factor verification codes sent by SMS.
Using this method, the gang would steal a nominal amount, not more than a few hundred dollars, from each victim's bank account. This would help them lie low and avoid the authorities. The gang ended up stealing around $890,000 from their Russian victims. Accounts from famous banks like Sberbank, Alfa-Bank, and Qiwi payment were compromised using this Trojan.