Dyre crackdown, the biggest effort to date by Russian authorities against cybercrime

Russian authorities raided offices of a Russian film distribution and production company as part of an operation against the Dyre gang.

Russian law enforcement and intelligence agencies in November raided offices of a Russian film distribution and production company as part of an operation against one of the world’s most notorious cybercrime ring.

The authorities were supported by the experts at Kaspersky Lab who confirmed the involvement and announced it would reveal details about the operation at its annual conference.

This is the biggest effort to date of Russian authorities against the cybercrime.

Experts believe that the ring is responsible for the distribution of the infamous Dyre banking trojan that caused overall losses for more than tens of millions of dollars.

The list of victims includes names like Bank of America Corp and JPMorgan Chase & Co.

According to the Reuters that published the news in exclusive, authorities haven’t commented the operations, meanwhile the CEO of the film company refused to provide further information.

“A spokesman for the Russian Interior Ministry’s cybercrime unit said his department was not involved in the case. The FSB, Russia’s main intelligence service, said it had no immediate comment.

Nikolay Volchkov, the chief executive of the film company named 25th Floor, said he could not answer questions about the raid.” wrote the Reuters.

Reuters clarified that it has no evidence that Volchkov or the film company is directly involved the criminal organization.

The unique certainly is that rarely criminal rings operating in from Russian are persecuted by the government if they don’t target Russian organizations.

According to the Heimdal Security, in November 2015 more than 80.000 machines were already infected with Dyre Trojan across the world. The experts at Dell SecureWorks estimated that more than 400 financial institutions have fallen victim of the infamous trojan.

Dyre is usually downloaded by the malicious trojan Upatre, it is a powerful malware capable to perform man-in-the-middle attacks through browser injections and harvest the victim’s credential.

The experts believe that the operation of the Russian authorities has successfully beheaded the organization behind the Dyre Trojan.

“We have seen a disruption over the last few months that is definitely consistent with successful law enforcement action,” explained security expert John Miller from iSight Partners.

There is another mystery in the story, the film company was working on a production called Botnet. a film on cybercrime ring with a story that has many similarities with the Dyre gang.

The company also hired the firm Group-IB to advise the Botnet director and writers on the finer points of cybercrime.

Group-IB CEO, Ilya Sachkov, said he met Volchkov at a security conference.

“He asked if we would be interested in consulting with a scriptwriter they would hire in the United States,” Sachkov said.

In November, Sachkov received a strange and an urgent call from Volchkov, saying he needed to meet.

“He was afraid. His colour was totally white,” said Sachkov. “He knows there is an ongoing investigation about cybercrime.”

Pierluigi Paganini

(Security Affairs – Dyre crackdown, hacking)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

11 hours ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

15 hours ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

21 hours ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

24 hours ago

Finnish police linked APT31 to the 2021 parliament attack

The Finnish Police attributed the attack against the parliament that occurred in March 2021 to…

1 day ago

TheMoon bot infected 40,000 devices in January and February

A new variant of TheMoon malware infected thousands of outdated small office and home office…

2 days ago

This website uses cookies.