Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Russian police arrest notorious 'Carberp' Trojan gang

Huge crime spree brought to a halt

Article comments

Russian police are reported to have arrested the gang behind the notorious Carberp Trojan used to steal hundreds of millions of roubles from online bank customers during one of the most notorious cybercrime campaigns ever to hit the country.

In a major police operation, The Federal Security Service (FSB) and Ministry of the Interior (MVD) are said to have swooped on the gang’s ringleaders, two Moscow-based brothers in their late 20s, one of whom was wanted for real estate fraud.

Six accomplices of the pair were also detained.

“Our experts did an enormous amount of work, which resulted in identifying the head of this criminal group, the owner and operator of a specialised banking botnet, identifying the control servers, and identifying the directing of traffic from popular websites in order to spread malware infection,” said Ilya Sachkov, CEO of Group-IB, a security firm that helped investigate the gang’s attacks.

“The investigations conducted by our Forensics Lab confirmed the use of the Win32/Carberp and Win32/Rdpdor malware by the criminals in order to carry out theft of funds.”

The gang also conducted DDoS attacks, Sachkov said. Police seem confident that they have netted the entire gang.

Often associated with Blackhole Exploit Kit, Carberp achieved notoriety across the online banking world as a follow-up attack in the aftermath of the infamous Zeus Trojan of 2010.

In its signature Russian attacks, the Trojan would steal online logins, which allowed the criminals to transfer sums to mule accounts from where it was removed using ATM transactions.

What marked the Carberp gang out from the start was the apparent impunity with which it attacked ordinary Russians, something that made it public enemy number one in the country. Up to 130 banks around the world were affected, with at least 130 million roubles (£2.8 million) stolen in a recent three-month period in Russia alone.

Worldwide, in the 18 months of its operation Carberp was probably making the gang millions of dollars per month, some of which was cycled back into other cybercrime campaigns.

The full extent of the gang's activities has still to be established but could take in other high-profile Russian malware activities.


More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *