← threatfilter.dev / all groups / Carbanak
Carbanak
Also known as: Anunak
Overview
Carbanak is a cybercriminal group that has used Carbanak malware to target financial institutions since at least 2013. Carbanak may be linked to groups tracked separately as Cobalt Group and FIN7 that have also used Carbanak malware.
TTPs — 9 techniques across 5 tactics
Resource Development
-
T1588.002Tool
Persistence
-
T1543.003Windows Service
Stealth
-
T1036.004Masquerade Task or Service -
T1036.005Match Legitimate Resource Name or Location -
T1078Valid Accounts -
T1218.011Rundll32
Defense Impairment
Command and Control
-
T1102.002Bidirectional Communication -
T1219Remote Access Tools
Tools & malware (4)
Carbanak · Mimikatz · PsExec · netsh
Reporting (3)
- Mastermind Behind EUR 1 Billion Cyber Bank Robbery Arrested in Spain — Europol
- FIN7 Evolution and the Phishing LNK — Carr, N., et al
- Anunak (aka Carbanak) Update — Prins, R