Skip to main content
  1. Home
  2. Mobile
  3. News

Russian Android malware infects millions of phones, drains bank accounts

By

Can cops and hackers track your phone
blurAZ/Shutterstock
Hackers used mobile malware to steal hundreds of thousands of dollars from bank customers. That’s according to Reuters, which reported on May 22 that cybercriminals tricked Russian users of Google’s Android operating system into downloading malicious apps.

The group of 16 Russian hackers, operating under the code name “Cron” after the malware they used, disguised the malware as fake banking applications and pornography web clients. When Android users in Russia searched online, the search engine results would suggest the fake apps.

Recommended Videos

The core members of the group were arrested on November 22 last year, before they could mount attacks outside Russia. But according to Group-IB, the cyber security firm investigating the attack with the Russian Interior Ministry, the Cron group infected more than a million smartphones in Russia at a rate of 3,500 devices a day.

Please enable Javascript to view this content

“Cron’s success was due to two main factors,” Dmitry Volkov, head of investigations at Group-IB, said in a statement. “First, the large-scale use of partner programs to distribute the malware in different ways. Second, the automation of many (mobile) functions which allowed them to carry out the thefts without direct involvement.”

Related

They targeted customers of Sberbank, Alfa Bank, and online payments company Qiwi, exploiting SMS text message transfer services. The group sent texts from infected devices instructing the banks to transfer money to the hackers’ accounts — up to $120 to one of the 6,000 fraudulent accounts. And they intercepted the transaction confirmation codes, preventing the victims from receiving a messages notifying them about the transaction.

They’d planned to go after large European banks including French lenders Credit Agricole, BNP Paribas, and Societe General, according to Group-IB.

Cron malware, which was first detected in mid-2015, had been in use for more than a year before the arrests. The Russian hackers rented a “Tiny.z,” a piece of malware designed to attack checking accounts systems, for $2,000 a month in June 2016, and adapted it to target European banks in Britain, Germany, France, the United States, and Turkey, among other countries.

Lukas Stefanko, a malware researcher at cyber security firm ESET in Slovakia, told Reuters that the exploit highlighted the dangers of SMS messages in mobile banking.

“It’s becoming popular among developing nations or in the countryside where access to conventional banking is difficult for people,” he said. “For them it is quick, easy, and they don’t need to visit a bank … But security always has to outweigh consumer convenience.”

Editors’ Recommendations

Topics
Kyle Wiggers
Kyle Wiggers
Former Digital Trends Contributor
Kyle Wiggers is a writer, Web designer, and podcaster with an acute interest in all things tech. When not reviewing gadgets…
Motorola is already updating some phones to its Android 15 beta
The Android 15 logo on a smartphone.

Android fans can breathe a sigh of relief. The long-awaited Android 15 is finally here and is rolling out to compatible smartphones. We knew the release was coming; in fact, we reported on it rolling out to Pixel devices yesterday, and Motorola had already confirmed that it would be coming to a wide range of devices.

According to a report from GSMArena, some users have begun to see Android 15 beta show up on the Motorola Edge 50 Fusion, but it's likely that the update is also hitting other Edge 50 models. These phones are currently receiving the Android 15 beta update, but the full version will make its way to these handsets, too — possibly by the end of the year if we assume the current update is a test of stability for the OS.

Read more
It’s almost 2025, and it’s time to end the Android vs. iPhone debate
A photo showing the back of the Apple iPhone 15 Pro Max, Huawei Pura 70 Ultra, Google Pixel 3a, Google Pixel 9 Pro, Huawei P30 Pro, and the Samsung Galaxy S24 Ultra.

I had the iPhone 11 for over four years. It was the first iPhone I owned. It stayed with me through the COVID-19 pandemic and two overseas trips — one to Hawaii and the other to Spain.

When the time came to upgrade, it was only natural for my entire family to want to get their hands on the iPhone 16. I, on the other hand, wanted to get the Samsung Galaxy Z Flip 6. However, that didn't happen — and the reason why is infuriating.
A very real (and very annoying) issue

Read more
The Samsung Galaxy A16 sets a new record for budget Android phones
Galaxy A16 banner Samsung.

We've known that Samsung's next lineup of budget phones was on the way, especially after all of the information that leaked last week. Now, we have confirmation on several elements of the phone, but the most important of them all is the incredible (and unheard of) six years of security patches the Galaxy A16 5G will receive from launch. That means it will be fully up to date until October 31, 2030.

We reported on this possibility a couple of weeks ago, but now it's confirmed — and that's a big deal. Many budget phones only receive two years of security patches post-launch. The Galaxy A16 5G's six years of support puts it only one year behind Samsung's flagship models in the Galaxy S24 series. For a phone as cheap as the Galaxy A16, that's incredible.

Read more