Incident Response, Malware, TDR

Carbon Grabber crimeware kit being distributed in spam campaign


The automotive industry in Europe is the primary target of an ongoing spam campaign involving the Carbon Grabber crimeware kit, but the public services, financial, charity and energy sectors are also being hit, according to Symantec.

The campaign begins with a suspicious looking email from an alleged German company named Technik Automobile GMBH, according to a Friday post. It contains an attachment said to be a list of used and pre-owned vehicles, but is actually Carbon Grabber malware.

Carbon Grabber injects code into Microsoft Outlook, Internet Explorer, Google Chrome, and Mozilla Firefox, as well as hooks browser APIs, meaning it can steal data prior to it being encrypted, the post indicates.

Outlook credentials, as well as credentials for online banking and internal web applications, run the risk of being stolen and sent to the command-and-control server, according to the post.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.