Carbanak – Computer Security Articles

The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT

October 22, 2019 admin Advanced persistent threats, APTs, attribution, Carbanak, cybercriminal groups, dridex, group5, Magecart, malicious domains, malicious websites, skimmer, Threat analysis

Credit to Author: Threat Intelligence Team| Date: Tue, 22 Oct 2019 15:00:00 +0000

Bread crumbs left behind open up a possible connection between Magecart Group 5 and Carbanak.

Categories:

Threat analysis

Tags: advanced persistent threats APTs attribution carbanak cybercriminal groups dridex Group5 Magecart malicious domains malicious websites skimmer

MalwareBytes Security

Magecart Group 4: A link with Cobalt Group?

October 3, 2019 admin Carbanak, colbalt group, credit cards, data theft, ecommerce, FIN7, group 4, Hyas, JavaScript, Magecart, skimmers, threat actor, threat actor group, threat actors, Threat analysis

Credit to Author: Threat Intelligence Team| Date: Thu, 03 Oct 2019 15:00:00 +0000

Malwarebytes threat intel partnered with security firm HYAS to connect the dots between Magecart Group 4 and the advanced threat group Cobalt.

Categories:

Threat analysis

Tags: carbanak colbalt group credit cards data theft ecommerce FIN7 group 4 HYAS JavaScript Magecart skimmers threat actor threat actor group threat actors

(Read more…)

The post Magecart Group 4: A link with Cobalt Group? appeared first on Malwarebytes Labs.

MalwareBytes Security

Everything you need to know about ATM attacks and fraud: part 2

August 2, 2019 admin 101, ALICE, Anunak, assistance fraud, atm attacks, atm cash-out attacks, ATM fraud, atm malware, Barnaby Jack, black box attacks, blog series, c0decalc, Carbanak, cutlet maker, Daniel Regalado, defrauding the elderly, distraction fraud, eavesdropping, extensions for financial services, greendispenser, jackpotting, logical attacks, malware-based attack, padpin, ploutus, sdelete, secure delete, shoulder surfing, social engineering attacks, stimulator, suceful, tyupkin, xfs middleware

Credit to Author: Jovi Umawing| Date: Fri, 02 Aug 2019 15:00:00 +0000

In part two of this two-part series on ATM attacks and fraud, we outline the final two ATM attack types—logical and social engineering—and provide info on how they are conducted, the different malware families used in these attacks, and how to protect against them.

Categories:

Tags: ALICE anunak assistance fraud atm attacks atm cash-out attacks atm fraud atm malware barnaby jack black box attacks blog series c0decalc carbanak cutlet maker daniel regalado defrauding the elderly distraction fraud eavesdropping extensions for financial services greendispenser jackpotting logical attacks malware-based attack padpin ploutus sdelete secure delete shoulder surfing social engineering attacks stimulator suceful tyupkin xfs middleware

Kaspersky Security

Carbanak source code leak: What’s next?

April 26, 2019 admin APT, banks, Carbanak, news, Threats

Credit to Author: Kaspersky Team| Date: Fri, 26 Apr 2019 18:14:25 +0000

The source code of infamous, billion-dollar malware was found on VirusTotal. Here’s what we know about it and what to expect next.

Kaspersky Security

Recently leaked malware source code isn’t Carbanak

July 12, 2018 admin Business, Carbanak, finance, Karamanak, kaspersky endpoint security, malware, news, Pegasus, Ratopak, source code, Threats

Credit to Author: Kaspersky Team| Date: Thu, 12 Jul 2018 13:46:40 +0000

The recently leaked source code actually isn’t Carbanak — it’s another advanced financial malware family. And the leak will likely have a huge ripple effect.

Kaspersky Security

What is #TheSAS

November 8, 2017 admin #TheSAS2018, APT, Business, Carbanak, conference, Equation, GReAT, kaspersky lab, SAS, SAS 2018, Security Analyst Summit, Special Projects

Credit to Author: Jeffrey Esposito| Date: Wed, 08 Nov 2017 14:30:57 +0000

What is the Kaspersky Security Analyst Summit (#TheSAS)?

Independent Krebs

Hyatt Hotels Suffers 2nd Card Breach in 2 Years

October 16, 2017 admin Carbanak, Hyatt Hotels breach, Other, Trustwave Spiderlabs

Credit to Author: BrianKrebs| Date: Thu, 12 Oct 2017 17:44:30 +0000

Hyatt Corp. is alerting customers about another credit card breach at some hotels, the second major incident with the hospitality chain in as many years.

Independent Krebs

Payments Giant Verifone Investigating Breach

March 7, 2017 admin Andy Payment, Anunak, avivah litan, Carbanak, Foregenix, Gartner Inc., Hyatt breach, mastercard, MICROS, Oracle, Oracle Micros Breach, Other, Steve Horan, Trustwave, Verifone breach, Visa

Credit to Author: BrianKrebs| Date: Tue, 07 Mar 2017 18:02:30 +0000

Credit and debit card payments giant Verifone [NYSE: PAY] is investigating a breach of its corporate computer networks that could impact companies running its point-of-sale solutions, according to multiple sources. Verifone says the extent of the breach was “limited” and that its payment services network was not impacted. San Jose, Calif.-based Verifone is the largest maker of credit card terminals used in the United States. It sells point-of-sale terminals and services to support the swiping and processing of credit and debit card payments at a variety of businesses, including retailers, taxis, and fuel stations. On Jan. 23, 2017, Verifone sent an “urgent” email to all company staff and contractors, telling them that they had 24 hours to change all company passwords.