Gang behind Creation of Trojan Carberp Exposed
The SBU (Security Service of Ukraine) along with FSB (Russian Federal Security Service) launched an operation wherein the two jointly arrested the gang controlling Trojan Carberp as well as the developers who aided in making it. The arrests were carried out in Ukraine, published Help Net Security dated April 4, 2013.
Kommersant Ukraine, the news portal revealed that the person heading and instructing the gang happened to be Russian national aged 28-yrs. Others in the gang, numbering twenty-or-so persons, aged 25-30 years, happened to be alive and working but eventually had to surrender to arrest at different Ukrainian cities such as Zaporozhye, Kiev, Kherson, Odessa and Lvov.
The accused had stolen some $250m out of the accounts of Russian and Ukraine banks as they transferred the money to so-called "front firm" accounts. More accounts became affected in Canada and USA.
Also, the accused persons, who operated from afar, individually developed the Trojan in parts. They then transmitted their work onto an Odessa situated server so that all the pieces were assembled to make the final item. The person doing this was the gang chief himself. Work on the malware kept on being done that was also modified for bypassing anti-virus detection.
Senior malware Researcher Aleksandr Matrosov of ESET said that Carberp, which was first introduced during 2010, chiefly attacked Ukrainian and Russian bank customers while uniquely applied Java code within online-banking software for carrying out fraud. The gang disseminated Carberp via loading it onto well-known Russian websites as also it was utilized for disseminating malicious programs which changed the bytecode within the e-banking software namely iBank 2 of BIFIT. The software was widely used as a banking tool and some 800-or-more banks in Russia relied on it, elucidated Matrosov. Arstechnica.com published this, April 5, 2013.
The gang, during February 2011, reportedly made the Trojan available for sale at $10,000/kit; however, withdrew it after some months.
Meanwhile, following the first 8 detentions in 2012, the gang apparently stopped its operations.
It's understood that SBU is about to file a complaint vis-à-vis all of the accused while they could be imprisoned for up to 5-yrs.
Related article: Gang of 23 Turkish-Russian Hackers Rob Users’ Bank Accounts
» SPAMfighter News - 10-04-2013