The Bank of Russia confirmed the heist on Friday.
Hackers tried to steal 5 billion rubles, but the central banking authority managed to stop them and redirect the funds, according to central bank security executive Artiom Sychev.
“We were lucky to return some of money,” said a central bank spokesperson.
Hackers also targeted the private banks and stole cash from their clients, the central bank reported.
The central bank did not say when the heist occurred or how hackers moved the funds. But so far, the attack bears some similarity to a recent string of heists that has targeted the worldwide financial system.
In January 2015, hackers got a hold of an Ecuadorian bank’s codes for using SWIFT, the worldwide interbank communication network that settles transactions. They used Banco del Austro’s credentials to steal money the bank kept at Wells Fargo.
In October, hackers used the same technique to slip into a bank in the Philippines.
Two months later, hackers tried to make fraudulent requests at a commercial bank in Vietnam. They were stopped.
This past February, computer hackers stole $101 million from Bangladesh’s central bank — also by gaining access to SWIFT. That time, the bank robbers made five transfers out of Bangladesh Bank’s account at the Federal Bank of New York. The hackers tried to steal $951 million, but the Fed cut them off before the completion of the theft.
Researchers at the cybersecurity firm Symantec have concluded that the global banking system has been under sustained attack from a sophisticated group — dubbed “Lazarus” — that has been linked to North Korea.
But it’s unclear who has attacked Russian banks this time around.
Earlier Friday, the Russian government claimed it had foiled an attempt to erode public confidence in its financial system.
Russian’s top law enforcement agency, the FSB, said hackers were planning to use a collection of computer servers in the Netherlands to attack Russian banks. Typically, hackers use this kind of infrastructure to launch a “denial of service” attack, which disrupts websites and business operations by flooding a target with data.
The FSB said hackers also planned to spread fake news about Russian banks, sending mass text messages and publishing stories on social media questioning their financial stability and licenses to operate.