Kaspersky Lab welcomes recent law enforcement operation against Carbanak group

Information Technology Press Releases Wednesday March 28, 2018 14:28
Bangkok--28 Mar--Kaspersky Lab

"The recent success in the fight against the Carbanak cybercriminal group is very good news for the whole industry and highlights how the exchange of information between countries is especially important in countering cybercrime," says Sergey Golovanov, Principal Security Researcher in the Global Research & Analysis Team, Kaspersky Lab.

Carbanak is an advanced persistent threat (APT)-like campaign, using targeted attack tools to hit financial institutions around the world for the main purpose of theft.

It was uncovered in 2015 by Kaspersky Lab together with INTERPOL, Europol and a number of other law enforcement authorities based on incident back to 2013. At the time, the group was using a range of tools, including a program called Carbanak. After the publication of Kaspersky Lab's findings in 2015, the group adapted its tools and started to use Cobalt-strike malware as well as its servers' names and infrastructure.

The group uses social engineering techniques, such as phishing emails with malicious attachments (for example Word documents with embedded exploits), to target employees in financial institutions of interest. Once a victim is infected, the attackers install a backdoor designed for espionage, data theft and remote management of the infected system, looking for financial transaction systems.

At the time of discovery, Kaspersky Lab researchers estimated that the Carbanak group had stolen up to a $1 billion. Since 2013, the group has hit more than 100 banks, e-payment systems and other financial organizations, in at least 30 countries in Europe, Asia, North and South America, and other regions, stealing more than billions of dollars from victims.

Based on the successful research into Carbanak, in 2016, Kaspersky Lab discovered two groups acting in a very similar way to Carbanak – Metel and GCMAN. They were attacking financial organizations using covert APT-style reconnaissance and customized malware, along with legitimate software and new, innovative schemes to cash out. Other actors have also implemented Carbanak-like techniques, tactics and procedures, for instance Lazarus and Silence.

Given the international scale of these actors' activities, we believe that there are dozens of people involved in this cybercrime activity. Discovered artefacts in the malicious files and victims' computers suggest that the creators of the Carbanak malware are Russian-speaking. Although, to perform cybercriminal activities in each country the group generally also looked for a native speaker.


Latest Press Release

Mobvoi and Innovation etc. launches TicWatch Pro in Thai market

Premium smartwatch powered with Wear OS by Google(TM). Layered Display technology extends battery life to 30 days on a single charge. Mobvoi Inc., and Innovation etc. is launching TicWatch Pro, premium smartwatch powered with Wear OS by Google(TM)....

Dahua Technology Opens Regional Supply Centre in Europe

Dahua Technology, a leading solution provider in the global video surveillance industry, celebrated the opening of its European Supply Centre in Zalaegerszeg, Hungary with an official opening ceremony on September 18th. Jason Zheng & Dr. Petra...

ODEM Activates Smart Contracts on the Ethereum Blockchain

ODEM, creator of the world's first On-Demand Education Marketplace, is pleased to announce the successful activation of smart contracts on the Ethereum Blockchain in support of the ODEM Platform. Dr. Adel ElMessiry, ODEM's Chief Technology Mentor,...

Shaky Video is Dead. GoPro HERO7 Black Features Gimbal-Like Video Stabilization In-Camera

- 14,500 THB Flagship GoPro also Features Live Streaming, TimeWarp Video, SuperPhoto, Improved Audio, and Face, Smile and Scene Detection - 'HERO7 Black Million Dollar Challenge' to Reward Customers for Shooting Product Highlight Reel - HERO7 Silver...

Makeblock Builds Creative Kit for Learning Apple#s Swift Programming Language with Neuron

Makeblock, the world leading STEAM education solution provider, announces that its Neuron Explorer Kit is boarding Apple Swift Playgrounds to help students unleash their creativity and thrive in the age of technology. Swift Playgrounds is a revolutionary...

Related Topics