Carbanak Robs Banks And Bank Clients of $1 Billion

The greatest heist of the century: hackers stole $1 bln.

Carbanak is an APT-style campaign targeting (but not limited to) financial institutions. Kaspersky Lab, the Russian/UK cybersecurity company, claimed to have discovered it in 2015 and said that it had been used to steal money from banks. The malware was said to have been introduced to its targets via phishing emails. The hacker group was said to have stolen over 500 million dollars, or 1 billion dollars in other reports, not only from the banks but from more than a thousand private customers. – Kaspersky Labs

To date, the main targets have been in the United States and Russia, followed by Germany, Ukraine and China. Not only is the amount stolen large and the number of institutions breached high, but the campaign has also been running for a long time: years, in fact. The official Kaspersky Labs report claims to have evidence of this beginning in 2013.

The ways the hackers extracted money varied. Sometimes it was relatively simple: the virus would attack an ATM, which would just spit out loads of cash at a scheduled time, allowing a member of the hacking team to go and pick up the cash. Other times it used sophisticated methods: attacking the accounting system and incorrectly placing the decimal point of an account so that the account balance was ten times more than it should be, then correcting it by transferring the extra amount into accounts it had set up in other banks, laundering the funds and making it legit. Essentially, it was creating money. And the correction would go unnoticed because all of this would take place before the banks ran an account balance check, which banks do with every account, though it has been found that many banks only do this about once every ten hours.
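A defender's view of the balance-inflation method described above, as an added example that is not from the original post or from the Kaspersky report: a stored balance is reconciled against the posted ledger entries at the moment a transfer is requested, instead of only during a periodic balance check. The account ID, amounts and function names are hypothetical, and the data is constructed.

```python
from decimal import Decimal

def ledger_balance(ledger, account):
    """Balance implied by posted ledger entries alone."""
    return sum((amt for acct, amt in ledger if acct == account), Decimal("0"))

def authorize_transfer(ledger, stored, account, amount):
    """Reconcile the source account before releasing funds."""
    expected = ledger_balance(ledger, account)
    if stored[account] != expected:
        return False, f"stored {stored[account]} != ledger {expected}"
    if amount > expected:
        return False, "insufficient funds"
    ledger.append((account, -amount))
    stored[account] -= amount
    return True, "ok"

def demo():
    # Constructed sample data; account ID and amounts are hypothetical.
    ledger = [("ACC-1", Decimal("1000.00")), ("ACC-1", Decimal("-200.00"))]
    stored = {"ACC-1": Decimal("800.00")}
    snapshot = dict(stored)                 # state seen by the last periodic check

    stored["ACC-1"] *= 10                   # tampered balance with no ledger entry
    excess = stored["ACC-1"] - snapshot["ACC-1"]

    # Without a gate: the excess leaves and the stored balance returns to the
    # snapshot value, so a check that only compares stored balances sees nothing.
    ungated = dict(stored)
    ungated["ACC-1"] -= excess
    periodic_check_clean = ungated == snapshot

    # With the gate: the mismatch is caught before the money moves.
    allowed, reason = authorize_transfer(ledger, stored, "ACC-1", excess)
    return periodic_check_clean, allowed, reason

if __name__ == "__main__":
    print(demo())
```
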

While I am able to explain one of its sophisticated methods to you, my reader, in just one long sentence, you must understand that there are multiple systems checking for correct coding of every transaction and every account. In order to go undetected, the virus must be able to do two things very well: it must understand the various languages used by various systems and the algorithms these systems use for both routine and special operations, and it must mimic human interaction with these systems. The first part might sound like a defined problem that can be solved, but it isn’t. The algorithms are built to change as they learn more. Carbanak was designed to learn and wait long before executing its financial transactions, if one can call them that.

Kaspersky Labs is the name of a cyber security firm based out of Russia named after its founder, Eugene Kaspersky. Kaspersky was trained in mathematical engineering at Moscow Institute of Physics and Technology, which was established and run by the Russian Defense Ministry and the KGB, Russian intelligence. Because of this background, the Lab hasn’t received as much business as it could have. However, over the years, with Kaspersky writing and opining about cyber crime and cyber security in reputable media outlets and with the Lab’s success in forensic research, like this one, Kaspersky Lab has been garnering more and more corporate clients. Kaspersky Lab also has retail security products.

Below, I have provided the report and various infographics that Kaspersky Labs has created to educate the world on Carbanak. Also, I have provided a list of links that will help you quickly understand the issues surrounding the initiation, operation and discovery of the virus.

Carbanak APT: The Great Bank Robbery v2.0 by Kaspersky Lab





About the Author: Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.

One thought on “Carbanak Robs Banks And Bank Clients of $1 Billion”

  1. […] Cybercrime is rampant. It isn’t just something the news is trumping up for sensationalism. There are two big estimates, neither is reliable but as reliable as possible currently. In 2009, President Barack Obama is quoted as referring to McAfee’s estimate of a $1 Trillion cost to the world due to cybercrime. Fox Business reported McAfee’s new estimate in 2013 as being $500 Billion globally. Either way, this is a very large cost for something that legitimate consumers and businesses do not get a benefit from. Retailers have been hit with cybercrime that cost them millions. Retailer Target was probably the most notable event that got people’s attention back during the 2013 holiday season, which kicked off a number of other reported retailer victims of cybercrime. And then there was this past winter when Kaspersky discovered how a group called Carbanak stole $350 Million from European banks through a pa…. […]

