Carberp: the end of the story

Three days ago, Kommersant. Ukraine ”spoke about the detention of the attackers who made up the backbone of the Carberp group. It’s even a little sorry this story is over. First of all, because Carberp became a kind of symbol from which the eyes of many journalists lit up, and some anti-virus experts, by the way, even considered it a threat of the century.

We will not discuss how significant this threat was, however, we assure that not a single cyber threat can be considered eternal and insurmountable. And, again, not only thanks to the efforts of antivirus companies that can develop an antidote, or, say, the efforts of virus writers who simply invent something new ... In principle, those who participate in the creation and distribution of malware can simply catch law enforcement. This, of course, does not happen as often as we would like, but ... it happens.

So, in the story around Carberp there are interesting nuances. It seems that the wave of news around this Trojan has somewhat subsided. And back in 2012. However ... At the end of March, representatives of a foreign antivirus company in Russia wrote about the appearance of "a new modification of the Carberp Trojan program that can use legal software to steal money and also bypass the two-factor authentication mechanism using one-time passwords." Moreover, in their blog on Habrahabr, they stated that the Carberp group still ranks first among similar groups engaged in banking fraud in Russia and Ukraine.

And here, just a few days later, the Ukrainian Kommersant erupted in sensation- The Ukrainian Security Service, together with the Federal Security Service of Russia, stopped the activities of a group of cyber fraudsters who stole more than $ 250 million over the past five years through Internet banking systems. This is not mentioned in the article, but we will explain that it is about the Carberp group and its “creation ".

According to Kommersant. Ukraine ”, the SBU conducted the operation to develop a group of cyber fraudsters by the department of counterintelligence protection of state interests in the field of information security for about a year. In Ukraine, fraudsters have been operating since 2009, and before that they worked according to a similar scheme in the Russian Federation. In total, they allegedly managed to steal more than $ 250 million in Ukraine and Russia. According to the SBU, there were about 20 people in the group, with an average age of 25 to 30 years. “These were programmers who worked remotely in Kiev, Zaporozhye, Lviv, Kherson and Odessa. As a rule, they did not know each other; each was responsible for his part of the development of the software module. Then the data was transferred to the main server in Odessa, the main organizer, a 28-year-old Russian citizen, also worked there, ”Kommersant added.

What is so surprising? - you ask us. On March 26, 2013, our industry colleagues talk about a new modification of Carberp (which almost no other anti-virus company knows about), that its creators are still extremely dangerous, and on April 2, 2013, Kommersant. Ukraine ”reports on the capture of Carberp authors. But the fact is that we knew firsthand the investigation of the entire history of Carberp by law enforcement agencies. And, although Kommersant. Ukraine ”wrote about this on April 2, 2013, the event happened much earlier. Everyone involved in the development and distribution of Carberp was detained on March 19, 2013.

We understand that our colleagues could be too late with the publication of their news. However, in our industry, communication efficiency goes hand in hand with the need to communicate verified facts. Let it be so.


By the way, if you think that this is the end of the story with the so-called "banking Trojans", then no, by ... Sharks smell the profit. Unfortunately…

Also popular now: