Carbanak

  • First known sample

    2013
  • Discovery

    2014
  • Number of targets

    1-100
  • Current status

    Active
  • Type

    Backdoor
  • Targeted platforms

    Windows
  • TOP targeted countries

    Australia , Brazil , Bulgaria , CIS , China , France , Germany , Hong Kong , Iceland , India , Morocco , Nepal , Norway , Pakistan , Poland , Russia , Spain , Switzerland , Taiwan , The Czech Republic , Ukraine , United Arab Emirates
  • The way of propagation

    Exploits , Social engineering
  • Purpose/Functions

    Stealing money , Surveillance
  • Special features
    First ever criminal APT
  • Targets

    Financial institutions
  • Artefacts/Attribution
    Responsibility for the robbery rests with a multinational gang of cybercriminals from Russia, Ukraine and other parts of Europe, as well as from China.
  • Description

    A cyber-gang targeting financial and telecommunications institutions primarily in Ukraine and Russia. The attackers frequently sent a spear-phishing email that contained the Carbanak backdoor. Once gaining access to the network, they used various tools for lateral movement until they reached their endpoint: a PC or server that could be used to extract the desired data or money from their target.

    Additional information