Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Carbanak Gang Reappears with Enormous Cyber-attack

Proofpoint recently detected an enormous cyber-attack in which the APT gang Carbanak from Russia is involved while returning to business.

The security company finds the gang attacking executive officers within the national economies' financial sectors in Europe, USA and Middle East, of which the Middle East accounts for the maximum instances. The attack does not just target financial institutions but firms in the media too along with somewhat unusual targets such as the fire safety, heating and air conditioning companies.

The gang reportedly became inactive during February 2015 when security researchers thwarted their operations; however, in the autumn of the same year and subsequently during February 2016, it made a comeback with fresh assaults; however, this time targeting multinational companies' financial departments and the institutions of finance.

These targeted assaults described as spear phishing attacks occurred directly against high-profile executive officers within banks situated inside eighteen countries, with the majority striking UAE, Kuwait, Oman, USA and Australia.

Proofpoint researchers observed that the gang moved their attack beyond institutions of finances to apparently unconnected targets within HVAC, fire and safety. They further said that among others who could provide attackers an entry point were suppliers and vendors.

Proofpoint believes the current attacks are indications of the notorious $1bn heist by Carbanak of 2015 about to make a repeat. According to the company's research, computations show that last year's assault covered 3-4 months since start of contamination to theft that brings up the question about if the current attack is preparation for the next such high value heist. Apparently Proofpoint is seeing the initial phases of certain assault leveraging fresh exploits, RATs and malware-laced e-mail attachments for targeting fresh entities beyond the Russian domain they normally seek. Scmagazineuk.com posted this, March 22, 2016.

Proofpoint detects the latest threat to be a RAT (remote access Trojan) namely Spy.Sekur employed for creating backdoors on contaminated desktops. Alongside Spy.Sekur, Carbanak employed other increasingly infamous RATs as well, say security researchers. And as spear-phishing scams normally make up the early phase of most Internet offenses, Proofpoint has apparently seized Carbanak performing theft directly during one fresh surge of assaults.

ยป SPAMfighter News - 3/30/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page