Dyre malware disrupted after Russian authorities raid Moscow film company office


Russian authorities have raided the offices of a Moscow-based film company named 25th Floor, which was allegedly involved in the world's most notorious financial hacking operation. According to cybersecurity experts, Dyre, malicious software designed to steal passwords, has not been in use since the time of the raid. The malware is responsible for tens of millions of dollars in losses at financial institutions such as Bank of America and JP Morgan Chase.

Although a number of people were being interrogated by the Russian authorities, it is not known yet whether anyone has been arrested or charged. However, the November raid has gained attention among Western cybercrime watchers.

Sources familiar with the matter told Reuters that the Dyre malware investigation was aided by well-known cybersecurity firm Kaspersky Lab, which would reveal the details about the case at its annual conference for security experts to be held on Sunday, 7 February. The Dyre hackers used several techniques to insert malware into consumers' web browsers to manipulate the communication between customers and more than 400 financial institutions.

"We have seen a disruption over the last few months that is definitely consistent with successful law enforcement action," said John Miller, a cybercrime expert at iSight Partners.

25th Floor distributes movies and TV shows in Russia and other East European and near-east countries. It is currently producing a movie called Botnet, a cybercrime thriller based on a 2010 case in which 37 people from the US and other parts of the world were charged over a $3m (£2.07m) scam.

Most of the people charged in the case were low-level operators, and the masterminds were never named. The hackers back then used a programme called Zeus to hack bank accounts. According to law enforcement, this was related to the present-day Dyre attack.

Ilya Sachkov, the chief executive officer of Group IB, a Moscow-based computer security company, said 25th Floor hired his firm to advise the Botnet director and writers on the detailed aspects of cybercrime. Sachkov was initially approached by Nikolay Volchkov, the chief executive officer of 25th Floor.

"He asked if we would be interested in consulting with a scriptwriter they would hire in the US," said Sachkov. In November 2015, he got a call from Volchkov asking him to meet. "He was afraid. His colour was totally white. He knows there is an ongoing investigation about cybercrime," said Sachkov.

© Copyright 2017 IBTimes Co., Ltd. All Rights Reserved.