The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics.
“The malware has adapted to incorporate attack vendors and techniques to diversify its effectiveness,” cybersecurity firm NCC Group said in an analysis of ransomware attacks that took place in November 2023.
“Carbanak returned last month through new distribution chains and has been distributed through compromised websites to impersonate various business-related software.”
Some of the impersonated tools include popular business-related software such as HubSpot, Veeam, and Xero.
Carbanak, detected in the wild since at least 2014, is known for its data exfiltration and remote control features. Starting off as a banking malware, it has been put to use by the FIN7 cybercrime syndicate.
From USER to ADMIN: Learn How Hackers Gain Full Control
Discover the secret tactics hackers use to become admins, how to detect…