A select group of hackers gained access to the Russian regional bank by using malware. Once they were inside, they changed the ruble-dollar currency within minutes. They increased the currency value with more than 15%.
The Russian security company Group-IB which investigated the malware stated the following towards Bloomberg:
Russian-language hackers deployed a virus known as the Corkow Trojan to infect Kazan-based Energobank and place more than $500 million in orders at non-market rates in February 2015.
Dmitry Volkov which is the head of Group-IB’s cyber ntelligence department stated that:
This is the first documented attack using this virus and it has potential to do much more damage
He also stated that the malware was capable of infecting devices which were not connected to the internet:
Once the malware has penetrated a local network, it is sophisticated enough to infect computers that are even not connected to the Internet.
The Russian bank stated that the hackers were able to change the currency rate within 14 minutes:
The volatility lasted 14 minutes and caused the exchange rate to swing between 55 and 66 rubles per dollar, which “significantly differed from the prevailing market rate,” the central bank said in a statement on Dec. 17.