gptkbp:instanceOf
|
cybercrime
hacker
|
gptkbp:activeYearsStart
|
2013
|
gptkbp:alsoKnownAs
|
gptkb:Anunak
gptkb:FIN7
|
gptkbp:arrested
|
gptkb:Spain
2018
|
gptkbp:arrestedLeader
|
gptkb:Aka_'Tank'
gptkb:Denis_K
gptkb:Denis_Tokarenko
|
gptkbp:connectsTo
|
gptkb:Carberp_gang
gptkb:Cobalt_Group
gptkb:JokerStash
gptkb:MoneyTaker
gptkb:FIN7
|
https://www.w3.org/2000/01/rdf-schema#label
|
Carbanak
|
gptkbp:investigatedBy
|
gptkb:Interpol
gptkb:Kaspersky_Lab
gptkb:Europol
gptkb:FBI
|
gptkbp:notableBattle
|
ATM jackpotting
SWIFT network compromise
point-of-sale malware
|
gptkbp:origin
|
gptkb:Eastern_Europe
|
gptkbp:stolenBy
|
over $1 billion
|
gptkbp:target
|
gptkb:ATMs
banks
financial institutions
retail companies
hospitality sector
|
gptkbp:technique
|
data exfiltration
social engineering
command and control servers
custom malware
living off the land
malicious attachments
lateral movement
malicious macros
fileless malware
privilege escalation
remote desktop control
|
gptkbp:usedPhishing
|
spear phishing emails
|
gptkbp:usesMalware
|
gptkb:Anunak_malware
gptkb:Carbanak_malware
gptkb:Carberp
gptkb:Cobalt_Strike
|
gptkbp:bfsParent
|
gptkb:TA-97
|
gptkbp:bfsLayer
|
5
|