Police Arrest Bank Hacker Who Stole $1B

Uploaded on 2018-04-04 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

The leader of the crime gang behind the Carbanak and Cobalt malware attacks targeting over a 100 financial institutions worldwide has been arrested in Alicante, Spain.

This was the positive outcome after a complex investigation conducted by the Spanish National Police, with the support of Europol, the US FBI, the Romanian, Moldovan, Belarussian and Taiwanese authorities and private cyber security companies.

Spanish Police has arrested the alleged leader of an organised Russian cyber-crime gang behind the Carbanak and Cobalt malware attacks, which stole over a billion euros from banks worldwide since 2013.

In a coordinated operation with law enforcement agencies across the globe, including the FBI and Europol, Police detained the suspected leader of Carbanak hacking group in Alicante, Spain.

Carbanak hacking group started its activities almost five years ago by launching a series of malware attack campaigns such as Anunak and Carbanak to compromise banks and ATM networks, from which they swiped millions of credit card details from US-based retailers.

According to the Europol, the group later developed a sophisticated heist-ready banking malware known as Cobalt, based on the Cobalt Strike penetration testing software, which was in use until 2016.

"The magnitude of the losses is significant: The Cobalt malware alone allowed criminals to steal up to EUR 10 million per heist," Europol said.

 In order to compromise bank networks, the group sent malicious spear-phishing emails to hundreds of employees at different banks, which if opened, infected computers with Carbanak malware, allowing hackers to transfer money from the banks to fake accounts or ATMs monitored by criminals.

According to the authorities, the criminal profits were also laundered via crypto-currencies, through prepaid cards linked to the crypto-currency wallets, which were used to buy goods such as luxury cars and houses.

In early 2017, the gang of financially-motivated cyber-criminals was found abusing various Google services to issue command and control (C&C) communications for monitoring and controlling the machines of its victims. 

In separate news, Ukraine Police announced the arrest of another member of Cobalt group in Kiev, for developing malware and selling personal data from citizens worldwide.

The suspect was working with Cobalt group since 2016 and also involved in cyber-espionage activities. He allegedly sold a variety of malicious software in underground markets that allows anyone to access and control victims' computers remotely.

"This global operation is a significant success for international police cooperation against a top-level cyber-criminal organisation. The arrest of the key figure in this crime group illustrates that cyber-criminals can no longer hide behind perceived international anonymity," said Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3).

"This is another example where the close cooperation between law enforcement agencies on a worldwide scale and trusted private sector partners is having a major impact on top-level cyber criminality."

The Hacker News:      Europol

You Might Also Read:

Petty Criminals Have Use Of Sophisticated Hacking Tools:

Dark Web Fraud Undetectable By Police:
 

« IBM Watson AI Assistant Can Now Work With Autonomous Devices
AI And Blockchain In A Disruptive World »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

mmCERT

mmCERT

mmCERT is the national Computer Emergency Response Team for Myanmar.

Data Resolve Technologies

Data Resolve Technologies

Data Resolve offer a mechanism through which customers can detect and tackle various kinds of sensitive activities pertaining to data loss and data theft.

Untangle

Untangle

Untangle provides network security products designed specifically for the below-enterprise market, safeguarding businesses, home offices, nonprofits, schools and governmental organizations.

Spire Solutions

Spire Solutions

Spire Solutions is the Middle East & Africa region’s leading cybersecurity solution provider and value-added distributor (VAD).

Cytelligence

Cytelligence

Cytelligence is a cyber security consulting company with deep expertise in Cyber Breach Response, Cyber Breach Investigations, and Digital Forensics.

Kainos

Kainos

Kainos is a leading provider of Digital Services and Platforms. Our services include Digital Transformation, Cyber Security, Cloud, AI, IoT and more.

Componolit

Componolit

Componolit GmbH is a highly specialized company with a strong emphasis on trustworthy software, component-based systems and formal verification.

Truesec

Truesec

TRUESEC has an exceptional mix of IT specialists. We are true experts in cyber security, advanced IT infrastructure and secure development.

Cyber Readiness Institute (CRI)

Cyber Readiness Institute (CRI)

At the Cyber Readiness Institute, our mission is simple: empower small and medium-sized enterprises with free tools and resources to help them become more secure and resilient.

Red Goat Cyber Security

Red Goat Cyber Security

Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff.

QA Consultants

QA Consultants

QA Consultants is North America’s largest software quality engineering services firm, an award-winning onshore provider of software testing and quality assurance solutions.

e-Xpert Solutions

e-Xpert Solutions

e-Xpert Solutions is a company specialized in the Information Security field since 2001. Our skills are strong technical expertise and the development of tailor-made solutions.

Eviden

Eviden

Eviden is an Atos business that brings together its digital, big data and security business lines. It will be a global leader in data-driven, trusted and sustainable digital transformation.

CyberSanctus

CyberSanctus

CyberSanctus provide clients with a variety of pentest plans from the entry level starter plan, which is tailored for personal websites, to enterprise level pentests, tailored for large scale business

GAM Tech

GAM Tech

GAM Tech is a Managed IT Service Provider that serves small and medium sized businesses in Alberta, British Columbia, Ontario and Quebec.

Consortium

Consortium

Consortium goes beyond products and promises by working with enterprises to identify, acquire, and deploy cybersecurity solutions that matter.