November 23, 2015 By Pierluigi Paganini © Security Affairs
According to Kaspersky Lab, bad actors in the Russian underground have stolen more than $790 Million over 3 years, from 2012 to 2015.

According to the experts at Kaspersky Lab, Russian criminal rings have stole roughly $790 Million over 3 years (from 2012 to 2015), more than $500 million of that is from victims located outside the Russian.

The cyber gangs targeted individuals, businesses, and financial institutions across the world, a new report from Moscow-based Kaspersky Lab shows.

The experts at Kaspersky estimated the losses by analyzing the information gathered from over 160 arrests of Russian-language speaking cybercriminals as well as data gathered during their investigation. Unfortunately, this data could represent only the tip of the iceberg, in many cases attacks are undetected and it is not easy to provide an estimation of the losses.

“With online financial transactions becoming more common, the organizations supporting such operations are becoming more attractive to cybercriminals. Over the last few years, cybercriminals have been increasingly attacking not just the customers of banks and online stores, but the enabling banks and payments systems directly. The story of the Carbanak cybergroup which specializes in attacking banks and was exposed earlier this year by Kaspersky Lab is a clear confirmation of this trend.” reads the Kaspersky’s report.

The experts noticed that the Russian underground has become even more crowded and despite the numerous arrests made by law enforcement a growing number of bad actors is finding cybercrime an attractive and profitable business.

More than 1,000 individuals have been recruited by the Russian cyber criminal rings over the last three years, most of them involved in the development of malware and set up of control infrastructure.

The researchers at Kaspersky have identified at least five cyber gangs focused specifically on financial crimes. We are facing with organized structures composed of 10 to 40 people which are operating for at least two years.

“At least two of them are actively attacking targets not only in Russia but also in the USA, the UK, Australia, France, Italy and Germany.” continues the report.

These organizations operate like regular businesses offering a large number of services and products. The Russian underground focuses its offer on hacking solutions and credit card frauds.

“All of these “products” and “services” are bought and sold in various combinations in order to enable four main types of crime. These types can also be combined in various ways depending on the criminal group:”

  • DDoS attacks (ordered or carried out for the purpose of extortion);
  • Theft of personal information and data to access e-money (for the purpose of resale or money theft);
  • Theft of money from the accounts of banks or other organizations;
  • Domestic or corporate espionage;
  • Blocking access to data on the infected computer for the purpose of extortion;

The experts observed that preferred currencies for transactions in Russian underground includeBitcoin, Perfect Money, and WebMoney.

The Russian cyber underground offers a lot of job opportunities for wannabe cyber-criminals, there are offers for both skilled and novice people.

InCyber Comments:

The InCyber PAS Pro-Active and Predicting System has been proven 100% effective against Insider Threats. For additional information write We are now offering a Free Insider Penetration Test for up to 500 Employees using your own historical data.