5 RUSSIAN BANKS CYBER ATTACKED IN BITCOIN EXTORTION PLOT

Last updated: June 19, 2025, 23:13 | Written by: Elizabeth Rossiello


Imagine waking up to find your bank account inaccessible, held hostage by faceless cybercriminals demanding ransom in Bitcoin. This isn't a scene from a dystopian thriller; it's the harsh reality faced by at least five major Russian banks targeted in a sophisticated cyber extortion plot. These attacks, facilitated by a massive botnet comprising tens of thousands of devices across the globe, highlight the growing threat of cybercrime targeting financial institutions. The attackers, emboldened by the anonymity afforded by cryptocurrencies like Bitcoin, are leveraging ransomware and DDoS attacks to cripple operations and extort hefty sums from their victims. This incident underscores the critical need for robust cybersecurity measures and international cooperation to combat the escalating wave of cyber extortion in the digital age. Understanding the methods used by these cybercriminals and implementing proactive defenses is paramount for financial institutions and individuals alike.

Understanding the Cyber Attacks on Russian Banks

The recent wave of cyber attacks against Russian banks has exposed vulnerabilities in their cybersecurity infrastructure and raised concerns about the potential for wider disruption. These attacks weren't isolated incidents but rather a coordinated effort leveraging sophisticated tools and techniques.

DDoS Attacks: A Barrage of Traffic

According to Artyom Sychev, Deputy Director of the General Directorate of Security and Information Protection of Russia's Central Bank, the banks were subjected to DDoS (Distributed Denial of Service) attacks. These attacks involve flooding the targeted servers with a massive influx of traffic, overwhelming their capacity and rendering them inaccessible to legitimate users. Think of it as a digital traffic jam, preventing anyone from reaching the bank's online services.

The Role of the Botnet

A security firm revealed that the DDoS attacks were orchestrated by a malicious botnet consisting of approximately 24,000 computer systems and Internet of Things (IoT) devices spread across 30 different countries. A botnet is a network of compromised devices (computers, routers, smart devices) controlled remotely by hackers without the owners' knowledge. These devices are then used to launch coordinated attacks, making it difficult to trace the origin and shut down the operation.
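The following added example (not part of the original article) shows why a flood spread over roughly 24,000 sources slips past per-IP rate limits and has to be caught by comparing total volume and source diversity against a baseline. The thresholds, the traffic figures and the reserved test-range addresses are all constructed assumptions.

```python
import ipaddress
from collections import Counter
from statistics import mean

PER_SOURCE_LIMIT = 100  # assumed per-IP requests/minute threshold
SPIKE_FACTOR = 5        # assumed multiple of baseline treated as a flood


def addresses(network, count):
    """Return `count` constructed source IPs from a reserved test range."""
    base = int(ipaddress.ip_network(network).network_address)
    return [str(ipaddress.ip_address(base + i + 1)) for i in range(count)]


def per_source_offenders(window, limit=PER_SOURCE_LIMIT):
    """Classic rate limiting: sources that exceed the per-IP threshold."""
    return sorted(ip for ip, n in Counter(window).items() if n > limit)


def classify(baseline, window, limit=PER_SOURCE_LIMIT, factor=SPIKE_FACTOR):
    """Classify one minute of traffic against a list of baseline minutes.

    Each window is a list of source IPs, one entry per request.
    """
    base_requests = mean(len(w) for w in baseline)
    base_sources = mean(len(set(w)) for w in baseline)
    volume_spike = len(window) > factor * base_requests
    source_spike = len(set(window)) > factor * base_sources
    if volume_spike and source_spike:
        # Many new sources, each individually quiet: botnet-style flood.
        return "distributed flood"
    if per_source_offenders(window, limit):
        return "single-source flood"
    return "normal"


def constructed_windows():
    """Build three constructed one-minute windows of request sources."""
    customers = addresses("198.51.100.0/24", 200)   # 200 regular clients
    bots = addresses("198.18.0.0/15", 24000)        # botnet-sized source set
    normal = customers * 3                          # 3 requests per client
    single = normal + [customers[0]] * 5000         # one noisy source
    distributed = normal + bots * 5                 # 5 requests per bot
    return normal, single, distributed


if __name__ == "__main__":
    normal, single, distributed = constructed_windows()
    baseline = [normal, normal, normal]
    for name, window in (("normal", normal), ("single", single),
                         ("distributed", distributed)):
        print(name, classify(baseline, window),
              "per-IP offenders:", len(per_source_offenders(window)))
```

In the distributed window no source exceeds the per-IP limit, so blocking by individual address does nothing; the signal is the jump in request volume and distinct sources together.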

Ransomware and Bitcoin Extortion

While DDoS attacks disrupt operations, the ultimate goal is often ransomware extortion. Ransomware involves encrypting the bank's critical data and demanding a ransom payment, usually in Bitcoin, for the decryption key. This effectively holds the bank's data hostage, paralyzing their operations until the ransom is paid. The relative anonymity afforded by Bitcoin makes it an attractive currency for cybercriminals.

Bitcoin's Role in Cyber Extortion

Bitcoin, the leading cryptocurrency, has been both praised for its innovative technology and criticized for its association with illicit activities. Its decentralized nature and the perception of anonymity have made it a preferred method of payment for cybercriminals engaged in extortion schemes.

The Allure of Anonymity

Bitcoin transactions are recorded on a public ledger called the blockchain, but the identities of the parties involved are not directly linked to the transactions. Instead, transactions are associated with cryptographic addresses, providing a degree of pseudonymity. This makes it challenging for law enforcement to track the flow of funds and identify the perpetrators behind cyber extortion schemes. While not truly anonymous, the extra layer of obfuscation is enough for many criminals.

Bitcoin as a Digital Ransom Note

Cybercriminals often demand ransom payments in Bitcoin because it's easily transferable across borders and difficult to trace. Unlike traditional banking systems, Bitcoin transactions don't require intermediaries, allowing for rapid and discreet transfers. This makes it an ideal tool for demanding and receiving ransom payments anonymously.

Is Bitcoin Really Anonymous?

While Bitcoin offers a degree of pseudonymity, it's not entirely anonymous. Blockchain analysis techniques can be used to trace the flow of funds and potentially link transactions to real-world identities. As law enforcement agencies become more sophisticated in their blockchain analysis capabilities, the use of Bitcoin for illicit activities is becoming riskier for cybercriminals. Think of it like leaving digital footprints in the snow – skilled trackers can still follow your path.
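As an added illustration (not from the original article), the sketch below applies one widely used blockchain analysis technique, the common-input-ownership heuristic: addresses spent together as inputs of one transaction are assumed to share an owner, so a single identified address labels its whole cluster. The ledger, address names and label are constructed, and the simplified transaction format is an assumption.

```python
# Constructed ledger: every address, txid and label here is made up.
TRANSACTIONS = [
    {"txid": "t1", "inputs": ["victim_a"], "outputs": ["ransom_1"]},
    {"txid": "t2", "inputs": ["victim_b"], "outputs": ["ransom_2"]},
    {"txid": "t3", "inputs": ["ransom_1", "ransom_2"], "outputs": ["merge_1"]},
    {"txid": "t4", "inputs": ["ransom_2", "wallet_k"], "outputs": ["cashout_1"]},
    {"txid": "t5", "inputs": ["bystander_x"], "outputs": ["bystander_y"]},
]
# One address already tied to an identity by an investigator (constructed).
KNOWN_LABELS = {"wallet_k": "identified account (constructed)"}


class UnionFind:
    """Disjoint-set structure used to merge addresses into owner clusters."""

    def __init__(self):
        self.parent = {}

    def find(self, item):
        self.parent.setdefault(item, item)
        while self.parent[item] != item:
            # Path halving keeps lookups fast on long chains.
            self.parent[item] = self.parent[self.parent[item]]
            item = self.parent[item]
        return item

    def union(self, a, b):
        self.parent[self.find(a)] = self.find(b)


def cluster_addresses(transactions):
    """Group addresses that were ever co-spent as inputs of one transaction."""
    uf = UnionFind()
    for tx in transactions:
        for addr in tx["inputs"] + tx["outputs"]:
            uf.find(addr)                     # register every address seen
        for other in tx["inputs"][1:]:
            uf.union(tx["inputs"][0], other)  # co-spent inputs: same owner
    clusters = {}
    for addr in uf.parent:
        clusters.setdefault(uf.find(addr), set()).add(addr)
    return list(clusters.values())


def attribute(address, transactions, labels):
    """Return (labels reachable through the cluster, the cluster itself)."""
    for cluster in cluster_addresses(transactions):
        if address in cluster:
            found = sorted(labels[a] for a in cluster if a in labels)
            return found, cluster
    return [], set()


if __name__ == "__main__":
    for addr in ("ransom_1", "bystander_x"):
        print(addr, attribute(addr, TRANSACTIONS, KNOWN_LABELS))
```

The heuristic over-merges when unrelated parties deliberately build a transaction together (for example CoinJoin), so clusters are investigative leads rather than proof of ownership.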

Who are the Cyber Extortionists?

Identifying the individuals or groups behind cyber extortion attacks is a complex process. These actors operate in the shadows, often using sophisticated techniques to mask their identities and locations. However, some patterns and groups have emerged in recent years.

OldGremlin: A Russian-Based Cybercrime Group

Since March, a new Russian-based cybercrime group called OldGremlin has carried out at least eight cyber-attacks on Russian companies. The group typically targets banks, industrial companies, and medical firms with ransomware attacks, indicating a focus on high-value targets that are likely to pay a substantial ransom.

The Rise of Ransomware-as-a-Service (RaaS)

The cybercrime landscape has evolved with the emergence of Ransomware-as-a-Service (RaaS), where developers create and maintain ransomware tools, and affiliates use these tools to launch attacks. This model allows individuals with limited technical skills to participate in cyber extortion schemes, lowering the barrier to entry and increasing the overall threat level.

Nation-State Actors and Cyber Warfare

In some cases, cyber extortion attacks may be attributed to nation-state actors engaged in cyber warfare or espionage. These actors may use cyber attacks to disrupt critical infrastructure, steal sensitive information, or exert political influence. The pro-Kremlin hacker group Killnet, for example, has resurfaced under a new identity, claiming responsibility for a cyber attack on Ukraine's drone-tracking system. Analysts believe this may be part of a broader Russian information operation. Such groups can have major geopolitical ramifications.

Defending Against Cyber Extortion: A Multi-Layered Approach

Protecting against cyber extortion requires a comprehensive and multi-layered approach that addresses vulnerabilities across the organization. This includes implementing robust security measures, educating employees, and establishing incident response plans.

Strengthening Cybersecurity Infrastructure

  • Firewalls and Intrusion Detection Systems: Implement firewalls and intrusion detection systems to monitor network traffic and block malicious activity.
  • Antivirus and Anti-Malware Software: Use updated antivirus and anti-malware software to detect and remove malicious software.
  • Regular Security Audits and Penetration Testing: Conduct regular security audits and penetration testing to identify vulnerabilities and weaknesses in the system.
  • Multi-Factor Authentication (MFA): Enforce multi-factor authentication for all critical systems and accounts to prevent unauthorized access.
  • Patch Management: Implement a robust patch management system to ensure that all software and systems are up-to-date with the latest security patches.

Employee Education and Awareness

Employees are often the weakest link in the cybersecurity chain. Training employees to recognize and avoid phishing scams, malicious emails, and other social engineering attacks is crucial.

  • Phishing Simulations: Conduct regular phishing simulations to test employees' awareness and identify areas for improvement.
  • Security Awareness Training: Provide regular security awareness training to educate employees about the latest threats and best practices.
  • Strong Password Policies: Enforce strong password policies and encourage employees to use unique and complex passwords.

Incident Response Planning

Even with the best security measures in place, organizations may still fall victim to cyber attacks. Having a well-defined incident response plan in place is essential for minimizing the impact of a breach and ensuring a swift recovery.

  • Data Backup and Recovery: Regularly back up critical data and store it in a secure offsite location.
  • Incident Response Team: Establish an incident response team with clear roles and responsibilities.
  • Communication Plan: Develop a communication plan to inform stakeholders about the incident and provide updates on the recovery process.
  • Negotiation Strategy: Develop a clear strategy for dealing with extortion demands, including whether or not to pay the ransom.

What if a Cyber Extortionist Demands Bitcoin?

Deciding whether to pay a ransom is a difficult and complex decision. There's no guarantee that paying the ransom will result in the recovery of the data, and it may encourage further attacks. However, in some cases, it may be the only option for restoring critical business operations.

Should You Pay the Ransom?

The decision to pay the ransom should be based on a careful assessment of the potential costs and benefits. Consider the following factors:

  • The Value of the Data: How critical is the encrypted data to the organization's operations?
  • The Cost of Downtime: How much will it cost the organization to be without access to the data?
  • The Reputation Risk: What is the potential impact on the organization's reputation if the breach is made public?
  • The Likelihood of Recovery: Is there a reasonable expectation that paying the ransom will result in the recovery of the data?

Alternatives to Paying the Ransom

Explore alternatives to paying the ransom, such as:

  • Data Recovery Services: Consult with data recovery specialists who may be able to recover the data without paying the ransom.
  • Law Enforcement: Contact law enforcement agencies, such as the FBI, who may be able to assist in the investigation and recovery of the data.
  • Cyber Insurance: If the organization has cyber insurance, contact the insurer to discuss coverage options and potential assistance.

The Future of Cyber Extortion and Bitcoin

The threat of cyber extortion is likely to continue to evolve and escalate in the coming years. In Russia, authorities estimate about 20,000 people are engaged in cyber crime activities, mainly involving bank fraud, along with cyber extortion schemes, and fake pharmaceutical email scams. As technology advances and cybercriminals become more sophisticated, organizations will need to stay one step ahead to protect themselves.

Emerging Threats and Trends

  • AI-Powered Cyber Attacks: The use of artificial intelligence (AI) is expected to play an increasingly important role in cyber attacks, enabling attackers to automate and scale their operations.
  • Targeting of Critical Infrastructure: Cybercriminals are increasingly targeting critical infrastructure, such as power grids, water systems, and healthcare facilities, posing a significant threat to public safety.
  • Double Extortion: In addition to encrypting data, cybercriminals are increasingly stealing sensitive information and threatening to release it publicly if the ransom is not paid.

The Role of Regulation and International Cooperation

Combating cyber extortion requires a coordinated effort involving governments, law enforcement agencies, and the private sector. This includes establishing clear regulations, strengthening international cooperation, and developing effective strategies for preventing and responding to cyber attacks.

Practical Examples and Actionable Advice

Let's consider some practical examples and actionable advice for different scenarios:

Example 1: Small Business Owner

A small business owner receives a phishing email that appears to be from their bank. They click on the link and enter their login credentials, unknowingly providing the information to cybercriminals. The cybercriminals then use this information to access the business's bank account and steal funds.

Actionable Advice: Educate employees about phishing scams and train them to recognize suspicious emails. Implement multi-factor authentication for all critical accounts.

Example 2: Large Corporation

A large corporation is hit with a ransomware attack that encrypts critical data. The cybercriminals demand a ransom payment in Bitcoin for the decryption key. The corporation's incident response team assesses the situation and determines that the cost of downtime is significant. They decide to pay the ransom after consulting with law enforcement and cyber insurance providers.

Actionable Advice: Develop a comprehensive incident response plan that includes a clear strategy for dealing with extortion demands. Regularly back up critical data and store it in a secure offsite location.

Frequently Asked Questions (FAQs)

What is cyber extortion?

Cyber extortion is a crime involving an attack or threat of an attack coupled with a demand for money or some other response in return for stopping or remediating the attack.

What is ransomware?

Ransomware is a type of malware that encrypts a victim's files and demands a ransom payment for the decryption key.

Why do cybercriminals demand payment in Bitcoin?

Cybercriminals demand payment in Bitcoin because it offers a degree of anonymity and is easily transferable across borders.

What should I do if I am a victim of cyber extortion?

If you are a victim of cyber extortion, contact law enforcement, consult with a cybersecurity expert, and assess your options for data recovery and incident response.

How can I protect myself from cyber extortion?

Protect yourself from cyber extortion by implementing robust security measures, educating yourself about the latest threats, and establishing an incident response plan.

Conclusion: Staying Ahead of the Cyber Extortion Game

The cyber attack on five Russian banks, fueled by Bitcoin extortion, serves as a stark reminder of the evolving threat landscape. From DDoS attacks crippling operations to ransomware holding data hostage, the methods employed by cybercriminals are becoming increasingly sophisticated. Bitcoin, while offering benefits of decentralization, inadvertently provides a veil of anonymity that emboldens these malicious actors. To mitigate the risks, organizations must adopt a multi-layered approach, encompassing robust cybersecurity infrastructure, employee education, and comprehensive incident response plans. Staying informed about emerging threats, embracing proactive measures, and fostering collaboration between government, law enforcement, and the private sector are crucial steps in safeguarding against the rising tide of cyber extortion. The key takeaway is that a proactive, informed, and adaptive approach is crucial to surviving – and thriving – in the face of this evolving threat. Don't wait until you're a victim. Start strengthening your defenses today and secure your digital future.

Elizabeth Rossiello can be reached at [email protected].
