Arrested the leader of the cyber group, who stole more than 1 billion euros from banks around the world

Spanish police have arrested a suspected cyber-grouping leader who is responsible for carrying out the attacks of Anunak, Carbanak and Cobalt. Attackers most often attacked banks. Losses from their activities exceeded a billion euros.

The group began its activity with attacks on ATMs in order to steal these bank cards. To penetrate into the internal networks of organizations, attackers used social engineering methods — for example, they sent phishing emails to employees of various banks on behalf of counterparties or regulators that contained links to downloading malicious software. Getting into the internal network, this software could then activate the issuance of money by a specific ATM at a certain time, initiate the transfer of funds to dummy accounts or increase the balance of specific accounts.
')
According to Europol, the attackers laundered the stolen money with the help of cryptocurrencies - they used prepaid cards related to the crypto wallet from which expensive goods like cars or houses were bought.

The exact amount of funds stolen by the Carbanak grouping is unknown, in 2015 the damage from their activities was estimated at one billion dollars, but since then the group has carried out a large-scale Cobalt attack. According to the estimates of the European Banking Association, by now the damage "significantly exceeds" one billion euros.

Information about targeted attacks on financial organizations increasingly appears in the media. As a rule, in public sources all the incidents are described in general terms, without details of the techniques used. However, without knowing the methods of intruders, it is impossible to effectively identify such incidents and respond to them.

On Thursday, April 5, at 14:00 , during the free webinar, PT ESC specialists Alexander Grigoryan and Denis Kuvshinov will talk about tactics, techniques and procedures that cybercriminals use. The main methods of hacker groups operating in Russia and the CIS countries, which were obtained by PT ESC experts in 2017 during the investigation of major incidents and analysis of cyber threats, will be reviewed in detail. The target audience of the webinar is IB and IT specialists.

To participate in the webinar you need to register .