Carbanak

GPTKB entity

Statements (48)
Predicate Object
gptkbp:instanceOf cybercrime
hacker
gptkbp:activeYearsStart 2013
gptkbp:alsoKnownAs gptkb:Anunak
gptkb:FIN7
gptkbp:arrested gptkb:Spain
2018
gptkbp:arrestedLeader gptkb:Aka_'Tank'
gptkb:Denis_K
gptkb:Denis_Tokarenko
gptkbp:connectsTo gptkb:Carberp_gang
gptkb:Cobalt_Group
gptkb:JokerStash
gptkb:MoneyTaker
gptkb:FIN7
https://www.w3.org/2000/01/rdf-schema#label Carbanak
gptkbp:investigatedBy gptkb:Interpol
gptkb:Kaspersky_Lab
gptkb:Europol
gptkb:FBI
gptkbp:notableBattle ATM jackpotting
SWIFT network compromise
point-of-sale malware
gptkbp:origin gptkb:Eastern_Europe
gptkbp:stolenBy over $1 billion
gptkbp:target gptkb:ATMs
banks
financial institutions
retail companies
hospitality sector
gptkbp:technique data exfiltration
social engineering
command and control servers
custom malware
living off the land
malicious attachments
lateral movement
malicious macros
fileless malware
privilege escalation
remote desktop control
gptkbp:usedPhishing spear phishing emails
gptkbp:usesMalware gptkb:Anunak_malware
gptkb:Carbanak_malware
gptkb:Carberp
gptkb:Cobalt_Strike
gptkbp:bfsParent gptkb:TA-97
gptkbp:bfsLayer 5