Cybersecurity

Russian Hackers Moved Ruble Rate With Malware, Group-IB Says

  • Hackers moved ruble-dollar rate more than 15% in 14 minutes
  • Corkow Trojan malware behind more than $500 million in trades
Photographer: Simon Dawson/Bloomberg
Lock
This article is for subscribers only.

Hackers used malware to penetrate the defenses of a Russian regional bank and move the ruble-dollar rate more than 15 percent in minutes, according to a Moscow-based cyber-security firm hired to investigate the attack.

Russian-language hackers deployed a virus known as the Corkow Trojan to infect Kazan-based Energobank and place more than $500 million in orders at non-market rates in February 2015, Group-IB told Bloomberg, without identifying individuals behind the attack. The resulting rate swing prompted a Russian central bank investigation into potential market manipulation.