As promised, here is more data about the Carbanak cyberheist in addition to the original post First of all, a map that shows the IP addresses of the institutions that were hit. Kaspersky called them the "Carbanak cybergang" because of the name of the malware they used. Most of the banks that were hit are in Russia, but also on the list are ones in Japan, many in Europe, and the United States. According to Dutch security firm Fox-IT, Carbanak is the same group that was uncovered by Group-IB and Fox-IT in a Dec. 2014 report which referenced the attackers as the “Anunak hackers group” which stole reams of data from Staples, Sheplers and Bebe.
The gang appears to be the first international cybermafia, a group of cybercriminals from Russia, Ukraine and other parts of Europe and China. Kaspersky could not release the names of the banks because of nondisclosure agreements. The Times said that The White House and FBI have been briefed on Kaspersky Lab's findings, and Interpol is coordinating an investigation.
“Despite increased awareness of cybercrime within the financial services sector, it appears that spear phishing attacks and old exploits (for which patches have been disseminated) remain effective against larger companies,” Kaspersky’s report concludes. “Attackers always use this minimal effort approach in order to bypass a victim’s defenses.”
