A Nazi-themed malware control panel: the Svpeng gang (picture credit: www.forbes.com)
A 25-year-old has been arrested by the Russian Ministry of Internal Affairs for creating ‘Svpeng’, a particularly harmful strain of money-stealing Android malware that infected around 350,000 Google devices last year. Officers have also arrested four other members of the cybercriminal gang, who are reportedly fond of Nazi iconography.
The campaign was a major concern for the Russian police, as it robbed at least 50 million rubles ($930,000) from innocent citizens. Sberbank, the country’s largest bank, picked up on the attacks in 2013 before becoming an ally in the investigation. Android users in the US, UK and Europe were also attacked by Svpeng.
According to reports, the existence of Svpeng was first brought to light in July 2013 by Kaspersky Lab, whose products detect the threat as Trojan-SMS.AndroidOS.Svpeng.
According to Group-IB, the Russian cybercriminals first started stealing money from their victims’ accounts by using SMS banking. The malware intercepted all SMS messages on the infected phone and then used SMS banking to send commands for money transfers. The malware intercepted the payment confirmation codes to ensure that the transfer could be completed without raising suspicion.
To distribute the malware, a fake Adobe Flash Player link was sent via SMS. The link downloaded the Trojan, which scanned for particular American banking apps such as those of Wells Fargo, Citi, Amex, Chase and Bank of America, but there is no proof of what the app was meant to do after the scan.