The prime mover behind the Carbanak and Cobalt malware attacks that programmed ATMs to spit out cash has been arrested in Spain, recently.
According to Spain’s Interior Ministry, the hacker who stole over 1 billion Euros since 2013, is a Ukrainian national named Denis K. Suspected to be the leader of Carbanak, a Russian hacking group, Denis was detained in Alicante following an investigation by Spanish police, Europol and the U.S. FBI.
Carbanak hacking group started its ill-famous activities almost five years back by launching a chain of malware attack campaigns such as Anunak and Carbanak to pwn banks and ATM networks, from which the gang stole millions of credit card details of US-based retailers.
The hacking gang used spear-phishing emails to pwn bank networks. Hundreds of employees at different banks opened the phishing emails and ended up infecting their computers with Carbanak malware, allowing hackers to transfer money from the banks to fake accounts or ATMs monitored by criminals.
According to the Europol, based on the Cobalt Strike penetration testing software, which was in use until 2016, Carbanak later developed a sophisticated heist-ready banking malware known as Cobalt.
As per few other reports, the Ukraine Police has announced the arrest of another member of Cobalt group in Kiev, for developing malware and selling them in the underground markets.
According to Ukraine Police, the suspect has been working with Cobalt since 2016 and has also been involved in several notorious cyber attacks.
"This global operation is a significant success for international police cooperation against a top-level cybercriminal organization. The arrest of all the prime figures illustrates that cybercriminals can no longer hide behind perceived international anonymity," said Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3).