A Trojan To Easily Manipulate Ruble-Dollar Exchange Rate

A Trojan To Easily Manipulate Ruble-Dollar Exchange Rate

A new Trojan came which can easily manipulate the rubles-dollar exchange rate. In 2015, hackers have already made the use of this Trojan on most of the Energobank and Russian bank and manipulate the ruble-dollar rate by 15%, placed nearly £350 million worth of orders in few minutes.

Because of manipulation of ruble-dollar the exchange went from 55 to 66 rubles per dollar and for Energobank, it leads to a loss of over £2 million. According to the Hill reports, they stated that more than in 250 banks because of the manipulation it leads to a loss of “hundreds of millions of stolen rubles”. And a new incident sparked out by Russia's central bank which caused by traders making mistakes they investigated and concluded.

The Corcow Trojan has been used by the cybercriminals to carry out currency manipulation. In 2011 Corcow first comes into appearance and till now they have already infected 250,000 computers and over 100 financial bodies. This Trojan is having different characteristics like web injection, keylogging and many more which is somehow same as the other banking Trojans. Apart from these, another features this Trojan are:

>> It is a flexible piece of malware.

>> It is able to load variable modules.

>> It can also hide from antivirus software and remains undetected. 

"In February 2015, Energobank closed and in the same month, it was attacked", declared insolvent by the Ukrainian government. 

The National Bank of Ukraine issued a statement saying: 

“Given ENERGOBANK PJSC's involvement in risky activities in January, as evidenced by deteriorating performance indicators and numerous complaints from bank clients, the bank was declared insolvent.” 

The bank couldn't tell the reason behind the closure of Energobank to the SCMagazineUK.com due to the Ukrainian banking secrecy laws. Same thing happened in previous year also when a 'pump and dump' scam has been run by the talented hackers, and it lead to a loss of 100 million personal details of customers of JP Morgan banking giant.

SC spoke to Robert Pritchard, an associate fellow at the Royal United Services Institute and an incident response specialist with a great deal of experience in cyber-security in finance. 

"We might be seeing hackers trying to get into finance, said Pritchard, adding: "What's difficult is how you would make money out of that". Unless you were “trying to undermine trust in the system”, said Pritchard, ”I think you have to have some follow-up activity. What would you get it to do to make money?"