Russian security firm linked to Carbanak cybergang

The Carbanak cybergang, which facilitated the heist of $1 billion from banks around the world last year, was linked to the Russian security firm Infocube.

Private security researcher Ron Guilmette claimed to have found commonalities in the original registration records for several domains that had previously been responsible for pushing malware known to be used by the cybergang, according to a July 18 Krebs on Security blog post.  

Guilmette said three domains that were documented as distribution hubs for the Carbanak malware used the same contact information, which belonged to a Chinese firm named Xicheng Co., the post said.

He then linked the contact information to at least 484 domains, 304 of which had previously been linked to Carbanak activity.

Guilmette said one of the domains that hadn't been launching malware appeared to be the sister property to Infocube.
