Skip to main content
  1. Home
  2. Phones
  3. Mobile
  4. News

Russian Android malware infects millions of phones, drains bank accounts

Add as a preferred source on Google

Hackers used mobile malware to steal hundreds of thousands of dollars from bank customers. That’s according to Reuters, which reported on May 22 that cybercriminals tricked Russian users of Google’s Android operating system into downloading malicious apps.

The group of 16 Russian hackers, operating under the code name “Cron” after the malware they used, disguised the malware as fake banking applications and pornography web clients. When Android users in Russia searched online, the search engine results would suggest the fake apps.

Recommended Videos

The core members of the group were arrested on November 22 last year, before they could mount attacks outside Russia. But according to Group-IB, the cyber security firm investigating the attack with the Russian Interior Ministry, the Cron group infected more than a million smartphones in Russia at a rate of 3,500 devices a day.

“Cron’s success was due to two main factors,” Dmitry Volkov, head of investigations at Group-IB, said in a statement. “First, the large-scale use of partner programs to distribute the malware in different ways. Second, the automation of many (mobile) functions which allowed them to carry out the thefts without direct involvement.”

They targeted customers of Sberbank, Alfa Bank, and online payments company Qiwi, exploiting SMS text message transfer services. The group sent texts from infected devices instructing the banks to transfer money to the hackers’ accounts — up to $120 to one of the 6,000 fraudulent accounts. And they intercepted the transaction confirmation codes, preventing the victims from receiving a messages notifying them about the transaction.

They’d planned to go after large European banks including French lenders Credit Agricole, BNP Paribas, and Societe General, according to Group-IB.

Cron malware, which was first detected in mid-2015, had been in use for more than a year before the arrests. The Russian hackers rented a “Tiny.z,” a piece of malware designed to attack checking accounts systems, for $2,000 a month in June 2016, and adapted it to target European banks in Britain, Germany, France, the United States, and Turkey, among other countries.

Lukas Stefanko, a malware researcher at cyber security firm ESET in Slovakia, told Reuters that the exploit highlighted the dangers of SMS messages in mobile banking.

“It’s becoming popular among developing nations or in the countryside where access to conventional banking is difficult for people,” he said. “For them it is quick, easy, and they don’t need to visit a bank … But security always has to outweigh consumer convenience.”

Kyle Wiggers
Kyle Wiggers is a writer, Web designer, and podcaster with an acute interest in all things tech. When not reviewing gadgets…
How to install iOS 27 public beta on your iPhone?
iOS 27’s public beta is here, and its loaded with new features and experiences you might want to try.
iOS 27 beta update open on iPhone

After iOS 27’s third developer beta shipped on July 6, Apple released the first public betas for iOS 27 on July 13, 2026. While the main additions remain the same across the builds, the latter is the more refined and polished version, free of rudimentary bugs and glitches.

If you have a compatible iPhone, you can install the first public beta of iOS 27 today and experience the new Siri AI and other features yourself, provided that you know exactly what to do.

Read more
This Android malware can spy on your screen, read your texts, and control your phone remotely
Upgraded RedHook Android malware now abuses Android's built-in Wireless ADB to hijack your phone without root access.
android-redhook-malware

A nastier version of the RedHook Android malware is making the rounds, and it does not need a USB cable or a rooted phone to take over your device. Researchers at Group-IB discovered the upgraded variant, which is a significant step up from the version spotted in 2025. The scariest part? It uses one of Android's own built-in tools to do it.

How RedHook malware tricks your Android phone into handing over control

Read more
iOS 27’s public beta is finally here, and you don’t need a developer account to get in
Siri's biggest comeback is finally leaving the lab.
iOS 27 new star rating feature in Photos

Greg Joswiak just made it official. A few minutes ago, Apple's marketing chief confirmed the availability of public betas for iOS 27, macOS 27, iPadOS 27, and other Apple devices.

If you've spent the last month watching developers gush over Siri AI, patiently waiting for the public beta, that wait is over.

Read more