Russian Hackers Target Domestic Bank Customers Using Android Malware; Plans to Attack European Leaders Before Being Arrested

By KM Diaz | May 23, 2017

Customers of Sberbank were the primary target of the attack. Hackers were also able to steal money from customers of the online payment company Qiwi and from accounts at Alfa Bank. (YouTube)

Russian hackers targeted customers of domestic banks using Android malware. The cyber criminals' next plan was to attack European leaders before they were arrested, according to a recent report from Reuters.

The attack on domestic bank customers netted the Russian cyber criminals a total of $892,000 up to $1 million. The group was also believed to be involved in an attack using a more powerful piece of malware to target bank customers in France and other western countries.

The hacking group known as Cron - named after the malware used - delivered the attack through fake mobile banking applications, which initially raised no suspicion because they functioned like real banking apps. These fake apps carrying the malware appeared in searches together with genuine banking apps, further deceiving customers into downloading the phony versions.

Apart from these, the malware was also embedded in fake versions of popular apps such as pornography and e-commerce services.

Customers of Sberbank were the primary target of the attack. However, the hackers were also able to steal money from customers of the online payment company Qiwi and from accounts at Alfa Bank via text message, using the company's transfer service.

Once a user's device was infected, the hackers were able to send SMS messages from that device to banks. The messages requested a transfer of money from the customer's compromised account into an account that belonged to the hacking organization.

Since there are limits on text-based transfers, the cyber criminals moved the money in amounts of $120. Still, they set up a network of bank accounts - a total of $6,000 - to which they transferred the stolen money.

The hacking scheme also bypassed two-factor authentication features, in which the user is obliged to enter a secondary code - sent via SMS message - to confirm identity. After that, the malware hijacked the verification code from the bank to stop the victim from receiving a notification message regarding the transaction.

The group also planned to attack European banks, such as BNP Paribas, Société Générale, and Crédit Agricole, though there are currently no reports of funds stolen from customers of French financial institutions.

At the moment, 16 people have been arrested in connection with the case, including a 30-year-old man believed to be the leader of the group, which has 20 members and operates in six different regions of Russia.

According to the Russian Interior Ministry, four of these 16 people remain in detention while the rest are under house arrest. During the police raids, bank cards, computers, and SIM cards registered under fake names were all collected.


©2024 Telegiz All rights reserved. Do not reproduce without permission