The bank said there was a first attempt to breach its computer security about 12 months ago through a cash management system that allows customers to initiate their own funds transfers to other banks.
The attempted fraud involved attempts to extract a total of $2.8m from the bank, although the perpetrators were able to withdraw only about $400,000 before the other banks were notified and stopped the transactions.
Attempts to extract more money from the bank were unsuccessful and resulted in the six arrests.
Although the alleged frauds took place during the past 12 months, details have only emerged during the past week because of an extradition hearing taking place in London.
The US authorities are seeking the extradition of one of the alleged hackers, a 24 year-old mathematics student who used a computer in his office in St Petersburg.
Yesterday Citibank was trying to play down the risks to client funds of such an incident. It described how it began work with the law enforcement agencies to monitor the perpetrators of the fraud and eventually catch them.
The bank said in a prepared statement: "At no time were any client funds at risk and Citibank quickly updated all security procedures on its systems. Because of continuous attention to security and control procedures no other attempts to breach Citibank's systems have been successful and no other losses were incurred by Citibank or any of its customers.
The bank said it prosecuted all fraud attempts to the fullest extent possible.