Thursday, September 3, 2015

Carbanak backdoor - Sounds like something you want to install at home. Nah, it is a financial APT (meaning bad malware)



Now, it has an upgrade.
The silver lining is it targets banks rather than end users.
Let's hope that the banks have sensible (not expensive) security.


From the article:

The attacks begin with spearphishing emails that have rigged attachments containing the Carbanak backdoor. Once on a compromised machine, Carbanak gives attackers remote control of the machine and the criminals used that as a foothold on the bank’s network and then stole money in several different ways.

Researchers at CSIS in Denmark say they’ve seen new variants of Carbanak that have some unique characteristics. The folder in which Carbanak installs itself and the filename it uses are both static. The malware injects itself into the svchost.exe process as a way to hide itself.

“As several other advanced data stealing threats, Carbanak utilizes plugins. The plugins are installed using Carbanak’s own protocol


Carbanak is what we define as a financial APT. In its nature, it is very targeted and it is being deployed in small numbers. In this way, it tends to slide under the radar.

For more info
https://threatpost.com/new-versions-of-carbanak-banking-malware-seen-hitting-targets-in-u-s-and-europe/114522
