Croup of cybercriminals Cron, consisting of 20 people, was uncovered and detained by operatives of the Ministry of Internal Affairs of the Russian Federation. With the help of a malicious program implemented on smartphones, criminals stole more than 50 million rubles. , The official representative of the agency Irina Volk.
Approximately 3.5 thousand smartphone owners per day fell into the trap of hackers. Members of Cron acted according to the well-established scheme: they sent SMS with a link activating the banking Trojan, or through infected clones of mobile applications such as viber. Apk, Google Play. Apk and Google_Play. Apk, masquerading as official programs.
Once on the phone, the virus could gain control over the operating system and send money via mobile banking to the accounts of hackers. At the same time, the malicious program not only abducted financial assets, but also concealed notifications from the bank about the movement of money on accounts, told "The newspaper. Ru "in the company Group-IB, which provided active assistance to the Ministry of Internal Affairs in the investigation of this case.
It should be noted that hackers exploited the vulnerability of the Android operating system, which, on the one hand, is the most widespread operating system in the world, and on the other hand, has the weakest internal protection. Given this, Cron's members were able to profit not only money in Russian accounts, but also abroad. In the summer of 2016 g. With Trojan Trojan. Z they attacked the banks of Credit Agricole, Assuarance Banque, Banque Populaire, BNP Paribas, Boursorama, Caissee Pargne, Societe General and other lending organizations in France, Germany, Great Britain and a number of other countries.
The Interior Ministry suspects that the leader of the gang is a 30-year-old resident of Ivanovo, but it included citizens who lived in Ivanovo, Moscow, Rostov, Chelyabinsk, Yaroslavl regions and the Republic of Mari El. Law enforcers detained all members of Cron. With regard to four of them, the court ruled to detain for the duration of the investigation, the rest were released on freedom from recognizance.
The criminal case is open on part 4 of Article 159. 6 of the Criminal Code - "Fraud in the field of computer information".