Leader of Carbanak hacking group arrested – Responsible for over $1 billion in theft

During the last five years a gang of hackers known as Carbanak has been attacking banks all over the world, stealing more than $1.2 billion. The attacks were made possible through spearphishing and custom malware types: Anunak, Carbanak and Cobalt. Thanks to cooperation between Europol and law enforcement bureaus from all over the world the suspected group leader has been caught in Alicante, Spain.


Who are Carbanak?

According to Kaspersky the Carbanak group started their activity back in 2013 through a series of targeted attacks. Three types of malware were developed for this purpose, Anunak, the more refined Carbanak and the most recent, Cobalt.

Carbanak utilized spearphishing emails and APT (Advanced Persistent Threat) campaigns to trick bank employees into opening malicious attachments. Once opened it would infect their computers with the previously mentioned malware. This gave the group a way in to the banking systems.


Full bank access through malware

Once access had been gained the group had full control: ATMs were instructed to spit out money at certain times to be collected by the attackers, the balance of accounts were boosted while illegal transfers were made to others. The latest version dubbed Cobalt could allow attackers to steal over $10 million per target according to the European Banking Federation.

Laundering of the stolen money was performed through cryptocurrencies by buying prepaid cards linked to their wallets. These were used to buy luxury goods such as houses and cars. Through their campaigns so far losses of over $1 billion to the financial industry have been reported.


Europol cooperation leading to arrest

Cooperation between Europol and institutions worldwide such as the FBI, private security companies and authorities in Romania, Moldova, Belarus, and Taiwan is what made the arrest of the leader possible. “This global operation is a significant success for international police cooperation against a top level cybercriminal organization”, was said in a statement by Steven Wilson, head of Europol’s European Cybercrime Centre.

If you wish to read more about financial security news take a look at the two largest cryptocurrency exchange hacks resulting in losses over $1 billion. Finally, the three different malware types Carbanak, Anunak and Cobalt will be described in a later article.