The leader of a cyber group that has stolen from banks around the world more than 1 billion euros

Spanish police have arrested the alleged leader of the cyber group, which is responsible for conducting the attacks of Anunak, Carbanak and Cobalt. Attackers most often attacked banks. Losses from their activities exceeded one billion euros.

The group began its activity with attacks on ATMs with the aim of stealing bank card data. To penetrate the internal networks of organizations, cybercriminals used methods of social engineering - for example, they sent phishing letters to employees of various banks, allegedly on behalf of counterparties or regulatory authorities, containing links to download malicious software. Once in the internal network, this software could then activate the issuance of money by a specific ATM at a certain time, initiate transfers of funds to front accounts or increase the balance of specific accounts.

According to Europol, the attackers laundered the stolen money using cryptocurrencies - they used prepaid cards associated with crypto wallets from which expensive goods like cars or houses were bought.

The exact amount of funds stolen by the Carbanak group is not known, in 2015 the damage from their activities was estimated at one billion dollars, but since then the group carried out a large-scale attack by Cobalt. According to estimates of the European Banking Association, to date, the damage "significantly exceeds" one billion euros.

Information about targeted attacks on financial institutions is increasingly appearing in the media. As a rule, in public sources all incidents are described in general terms, without details of the techniques used. However, without knowing the methods of the attackers, it is impossible to effectively detect such incidents and respond to them.

On Thursday, April 5, at 14:00 during a free webinar, specialists of the PT ESC division Alexander Grigoryan and Denis Kuvshinov will talk about tactics, techniques and procedures that cybercriminals use. The main methods of hacker groups operating in Russia and the CIS countries, information about which were obtained by PT ESC specialists in 2017 during the investigation of major incidents and analysis of cyber threats, will be examined in detail. Target audience of the webinar IS- and IT-specialists.

To participate in the webinar you need to register .