Russian Police Arrest 50 Hackers for Bank Fraud Using the Lurk Trojan

Russian law enforcement officers have arrested 50 hackers across the country involved in bank fraud using the Lurk trojan, following 86 raids in 15 regions. Fourteen main participants including the three primary organizers were arrested in the Sverdlovsk region. An estimated $45 million has been stolen by the gang, while a further $30 million loss has been prevented by the police. The investigation of the Lurk banking trojan gang was assisted by Kaspersky Lab. The hackers had been stealing money from bank accounts in Russia and other countries of the CIS through use of the malicious software known as Lurk. Lurk is an Android trojan that mimics the online banking app for Sberbank, Russia's largest bank. "It displays a similar login screen to the original app and steals user credentials as soon as the victim tries to authenticate," reports Zscaler in an analysis published on the same day as the arrests. It can also steal SMS messages and monitor incoming calls in order to defeat one-time passwords and PINs sent by banks as a second authentication factor. Once Lurk has been installed it is difficult to detect or remove. Visually there is no difference between the Sberbank app and the Lurk trojan. Technically it is difficult to detect because it resides in memory. As a result, it is not possible to uninstall this malicious app by revoking admin rights." How large of a threat is the Lurk trojan to the banking sector in western Europe and the US? Share your assessment with the Cloud and Cyber Security Center: http://cloudandcybersecurity.blogspot.com/