Spanish police have arrested a Ukrainian national they suspect is the head of the infamous Carbanak cyber crime gang that stole more than €1bn from 100 financial institutions, often by hacking into banks’ computers and ordering ATMs to dispense cash.
The gang has inflicted losses on banks in more than 40 countries using malware known as Carbanak and Cobalt, which also allowed the hackers to divert money to their own accounts before laundering it through cryptocurrencies, Europol said on Monday.
Europol arrests mastermind of Carbanak cyber crime gang
At a press conference Rafael Pérez, the head of Spain’s cyber crime unit, said that the suspect, identified only as Ukrainian national Denis K, was a “computer genius” and the mastermind of the criminal organisation.
Europol said it had been investigating the gang since 2016 with help from the European Banking Federation, law enforcement agencies around the world — including the US, Romania, Belarus and Taiwan — and private cyber security companies.
The Spanish interior ministry said that the criminal organisation attacked ATMs in the centre of Madrid during the first quarter of 2017, making fraudulent extractions worth €500m. It did not specify which banks had been affected.
The ministry added that Denis K’s large home in Alicante had extensive computer equipment, jewellery valued at €500,000, “various documents” and two luxury cars — all of which have been seized.
Europol said the gang sent “spear phishing” emails to bank employees that looked like they were from international banking organisations or ATM manufacturers, but included links to dummy websites that secretly downloaded malicious software.
Once the malware was downloaded into banks’ systems, it allowed the gang to manipulate their computers, including those controlling an ATM network. In some cases, the gang changed the withdrawal limits on accounts in order to take out large amounts of cash.