Carbanak
-
First known sample
2013 -
Discovery
2014 -
Number of targets
1-100 -
Current status
Active -
Type
Backdoor -
Targeted platforms
Windows -
TOP targeted countries
Australia , Brazil , Bulgaria , CIS , China , France , Germany , Hong Kong , Iceland , India , Morocco , Nepal , Norway , Pakistan , Poland , Russia , Spain , Switzerland , Taiwan , The Czech Republic , Ukraine , United Arab Emirates
-
The way of propagation
Exploits , Social engineering -
Purpose/Functions
Stealing money , Surveillance -
Special features
First ever criminal APT
-
Targets
Financial institutions -
Artefacts/Attribution
Responsibility for the robbery rests with a multinational gang of cybercriminals from Russia, Ukraine and other parts of Europe, as well as from China.
-
Description
A cyber-gang targeting financial and telecommunications institutions primarily in Ukraine and Russia. The attackers frequently sent a spear-phishing email that contained the Carbanak backdoor. Once gaining access to the network, they used various tools for lateral movement until they reached their endpoint: a PC or server that could be used to extract the desired data or money from their target.