Russian bank suffered a massive data breach that stole $25.7 million (around £17.8 million) from Russian banks.
The gang that stole the money, used spear phishing emails to send infected attachments to the customers Once opened, these attachments downloaded malware that created fraudulent transfer orders with instructions to send money to accounts controlled by the criminals.
Russian security firm Group-IB immediately launched an internal investigation into the incident and took preventive stpes.
TPRM report: https://scoringcyber.rankiteo.com/company/bank-of-russia
"id": "ban1820522",
"linkid": "bank-of-russia",
"type": "Data Leak",
"date": "03/2016",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Banking',
'location': 'Russia',
'name': 'Russian Banks',
'type': 'Financial Institution'}],
'attack_vector': 'Spear Phishing',
'description': 'Russian bank suffered a massive data breach that stole $25.7 '
'million (around £17.8 million) from Russian banks. The gang '
'that stole the money used spear phishing emails to send '
'infected attachments to the customers. Once opened, these '
'attachments downloaded malware that created fraudulent '
'transfer orders with instructions to send money to accounts '
'controlled by the criminals.',
'impact': {'financial_loss': '$25.7 million (around £17.8 million)'},
'initial_access_broker': {'entry_point': 'Phishing Emails'},
'investigation_status': 'Under Investigation by Group-IB',
'motivation': 'Financial Gain',
'response': {'third_party_assistance': 'Group-IB'},
'threat_actor': 'Unknown',
'title': 'Russian Bank Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Phishing/Malware'}