Monday, March 26, 2018

Europol tracks down leader of Carbanak malware

The leader of a criminal ring responsible for the theft of over €1 billion from financial institutions has been arrested. The suspect, arrested in Alicante, Spain, is the mastermind behind Carbanak and Cobalt malware campaigns which accounted for over 100 banks and financial organizations as victims.

The cybercriminals have been active since 2013, striking banks in over 40 countries in order to steal at least €1 billion. The group behind the malware, labeled as FIN7, infected systems through spear phishing in order to spy on staff, watch how they transferred cash, and then mimic the techniques to transfer funds fraudulently without being discovered.
After 2016, the threat extended to include malware which also permitted the remote control of victim PCs, leading to the infection of servers which control ATMs. Stolen funds were cashed out through the remote control of ATMs, in which dispensers were forced to spew out cash -- when money mules would be waiting nearby to collect the money. Profits were laundered through the purchase and exchange of cryptocurrencies. Virtual coins were linked to prepaid cards to buy luxury goods including vehicles and property.