Botnet might finally stop causing carnage in Russia and Ukraine
The leader of the criminal network responsible for the nasty banking Trojan known as Carberp has reportedly been arrested.
Just last year, a slew of arrests related to the gang were made, but now the alleged mastermind, an unnamed 28-year-old Russian citizen, has been apprehended, according to a report on news site Kommersant Ukraine.
It is believed another 20 have been arrested, under suspicion of creating the malware itself. The operation was carried out by Russian and Ukranian forces.
Carberp has evolved over time, since its emergence in 2010. As noted by security firm ESET, it can now modify code on popular banking tool BIFIT iBank 2, used by hundreds of Russian banks in real time. Once that has happened, attackers can control all transactions made through the tool.
There was a mobile component too. Late last year, Carberp-in-the-Mobile, thought to be the first ever banking trojan to hit Google Play, was spotted. It was used to work alongside the desktop version of the malware to pick up mTANs – the unique numbers banks send to users to authorise a transfer.
That’s what the Zeus Trojan and its mobile companion continue to do. Indeed, Carberp was distributed by a botnet known to have links with the Zeus malicious network.
Despite last year’s arrests, ESET noted Carberp continued to spread, especially in Russia and Ukraine, where it is still the most profitable banking fraud software.
Are you a security expert? Try our quiz!