Tag: Carbanak
-
Updated Carbanak malware leveraged in ransomware attacks
Ransomware attacks last month saw the reemergence of the Carbanak banking malware, which has been strengthened with attack techniques and …
-
Magecart Group Linked to Dridex and Carbanak Malware
Security researchers have discovered close links between a digital skimming group, Dridex phishing campaigns and the notorious Carbanak …
-
Magecart group linked to Dridex banking Trojan, Carbanak
An active Magecart scheme has ties to Dridex phishing campaigns and the Carbanak group, indicating that skimmer scripts may be a prelude to …
-
Magecart Group 4: A link with Cobalt Group?
Note: This blog post is a collaboration between the Malwarebytes and HYAS Threat Intelligence …
-
Carbanak Attack: Two Hours to Total Compromise
A security vendor’s investigation of a May 2018 cyberattack on an East European bank has revealed the astonishing speed and sophistication …
-
CARBANAK Week Part Four: The CARBANAK Desktop Video Player
Part One, Part Two and Part Three of CARBANAK Week are behind us. In this final blog post, we dive into one of the more interesting tools …
-
CARBANAK Week Part Three: Behind the CARBANAK Backdoor
We covered a lot of ground in Part One and Part Two of our CARBANAK Week blog series. Now let’s take a look back at some of our previous …
-
CARBANAK Week Part Two: Continuing the CARBANAK Source Code Analysis
In the previous installment, we wrote about how string hashing was used in CARBANAK to manage Windows API resolution throughout the entire …
-
Source Code for CARBANAK Banking Malware Found On VirusTotal
Security researchers have discovered the full source code of the Carbanak malware—yes, this time it’s for real. Carbanak—sometimes …
-
Source code of Carbanak trojan found on VirusTotal
The source code of one of the world’s most dangerous malware strains has been uploaded and left available on VirusTotal for two years, and …
-
CARBANAK Week Part One: A Rare Occurrence
It is very unusual for FLARE to analyze a prolifically-used, privately-developed backdoor only to later have the source code and operator …