Fraudsters who have so far deceived ordinary Russians have begun to switch to companies en masse. According to Kommersant with reference to the regulator’s letter, the Central Bank has warned commercial banks about this.
According to the Central Bank, cybercriminals are increasingly attacking bank accounts of corporate clients through mobile applications of credit institutions (officially called remote banking systems, or RBS).
The fraudster is himself an authorized client of the bank. He enters the application using his own username and password and enters debug mode, after which he examines the order and structure of the API calls.
Then he generates an order for the transfer of funds, indicating the account number of the “victim” as the sender. Attackers get the details themselves from open sources. The regulator notes that it is possible to implement such schemes only if the fraudsters are well aware of the principles of the banks and their software.
In its letter, the Central Bank recommends that banks regularly carry out additional control and verification of RB systems. The regulator expects a repeat of such attacks and notes that they can be prevented with close cooperation between banks and software manufacturers.