Carberp Trojan developers arrested in Ukraine
Posted on 04.04.2013
The mastermind behind the Carberp Trojan and the developers that helped created it have apparently been arrested in Ukraine in a joint action by the Security Service of Ukraine (SBU) and the Russian Federal Security Service (FSB).


According to Kommersant Ukraine (via Google Translate), the leader of the group was a 28-year-old Russian citizen. The rest of the group - some 20 individuals all between 25 and 30 years old - were living, working and were finally arrested in Kiev, Zaporozhye, Lvov, Odessa and Kherson.

Each of them worked remotely, and were responsible for the development of one part of the malware. They would send their work to a server in Odessa, where the gang leader would apparently assemble the pieces into the final product. The malware was constantly worked on and changed to evade AV detection.

Carberp is a banking Trojan that steals information that can be subsequently used to break into individuals' and businesses' online banking accounts and bleed them dry. It also has a mobile component that allows criminals to steal mobile transaction authentication numbers (mTANs) sent by banks.

A little over a year ago a Russian gang that used the Trojan to steal over $2 million from the bank accounts of over 90 individuals has been dismantled. Late last year RSA commented that the team that developed the Trojan has begun to sell it and rent it to anyone who could afford it.

According to the Ukrainian news outlet, some of the arrested men have already been released on bail, while others are still under house arrest. If they are ultimately convicted by a court of law in Ukraine, the maximum prison sentence they can get is five years. Some of the arrested individuals have Russian citizenship, so they might be extradited and tried in their native country.









Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Aug 27th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //