Hackers have flooded the dark web with stolen credit card details at Russia’s largest bank as cybercriminals target the country following the invasion of Ukraine.
The card details of 113,476 Sberbank customers have been leaked on the dark web since the conflict began, according to an investigation by data intelligence firm Cyberint, which is being advertised to sell to scammers. .
That’s almost 10 times the number circulating on illicit websites before the conflict started.
Sberbank has been hit by international sanctions since Vladimir Putin launched his war. Cyber experts said this has made it more vulnerable to hackers because it is easier to distract staff from sharing sensitive details.
The Telegraph revealed the British government’s plan to impose sanctions on Sberbank in February.
Since then, its operations have declined sharply across Europe. The lender’s Austrian unit was the first Russian financial institution to collapse due to sanctions, and Sberbank is also liquidating its investment bank in London.
The hacker collective Anonymous claims to have attacked the Russian lender in recent days and has also suffered major website disruptions or so-called “DDoS” attacks.
Sberbank said it had fought the biggest DDoS attack in its history on May 6.
Professor Alan Woodward, a cyber expert at the University of Surrey, said: “Sberbank is on the move and one of the most important things that happens with this is social engineering attacks on employees. things right now, and people who work in the bank won’t necessarily be used to it.
“So it would be easier for someone to take them out of their login details. They can call and impersonate someone or send a fishing email. .
“It’s hard not to conclude that there’s some kind of political motivation behind this in addition to criminal activity. The huge increase in filtered card details here shows that hackers are really doing it.”
British banks have been told they could also be the target of cyber-attacks for political reasons. The Financial Conduct Authority (FCA) has written to the executive directors of major lenders to warn them that their businesses are a likely target of retaliatory attacks over sanctions against Russian companies and oligarchs.
Lloyds CEO Charlie Nunn has said he is on “high alert” for a cyberattack from Russia.
Professor Woodward said: “The National Cybersecurity Center has been very involved in all of this and has been warning that an attack is almost inevitable.
“If a bank is attacked and such details are leaked, real people suffer financial losses. We often forget about card fraud, but it is probably one of the biggest costs in cybercrime.
“This is one of the biggest nightmares of the bank. If your card details were lost, you would only move your business to another location. Banks have a lot of very sensitive information about you, not just your financial information. I just wouldn’t trust them anymore if they lost. “