The gang behind the Carbanak banking malware, which was tied to at least $1 billion in fraud from 2012 to 2014, appears to be back, wielding new tactics.
Recently, four new variants of Carbanak have been used to target victims in the United States and Europe via spear-phishing attacks, warns Denmark-based CSIS Security Group (seeCybercrime Gang: Fraud Estimates Hit $1 Billion). CSIS says the attacks mark a resurgence of activity from the cybercrime gang, which experts say went quiet after their attack campaigns were described by three different security firms, beginning in December 2014.
Separately, security experts have also spotted a new malware family or variant, dubbed Shifu, that has been tied to attacks against Japanese financial firms. But researchers warn that this malware is already designed to target multiple electronic banking platforms used throughout Europe and could easily be adapted to spread to other parts of the world.
View full story