Report details criminal groups using Carbanak with new tactics

News by Jeremy Seth Davis

A Carbanak details that the APT and malware is increasingly used alongside new tactics to target executives at financial institutions in the Middle East, US and Europe.

A recent report detailing Carbanak threats demonstrated that the Advanced Persistent Threat (APT) and malware is increasingly used along with new tactics to successfully target executives at financial institutions in the Middle East, US and Europe.

The Proofpoint report noted that criminal groups are using spear-phishing emails that deliver the Carbanak malware or popular remote access Trojans (RATs) like jRAT, Netwire, and Cybergate. These groups do this to probe the operations procedures of payment processors, ATM networks, and transaction processing systems. The emails sent by these criminal groups contained links that loaded malware or attachments to documents containing malicious macros.

The report comes a month after Kaspersky Labs noted that the Carbanak APT had re-emerged and was being used by criminal groups to gain control over ATM machines. The Russian cyber-criminal group Metel used Carbanak to automate the rollback of ATM transactions. Last year, researchers at Trend Micro linked the Carbanak campaign to point-of-sale malware attacks that occurred in late 2014.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Webcasts and interviews 

Interview - Everyone has an Achilles heel: The new security paradigm

How can we defend networks now that the perimeter has all but disappeared?
Brought to you in partnership with ExtraHop