Win32/Carberp Gang on the Carpet

[Update: police have issued a video of the man they say ran the whole group.]

We've spent quite a lot of time on this blog in the last year or more discussing Win32/Carberp, which has also found its way into the occasional paper and presentation.

So it gave us particular pleasure to see that our friends at Group-IB have reported on their joint investigations with Russia's Federal Security Service (FSB) and Ministry of the Interior (MVD), resulting in the arrest of a gang of eight accused of offences under the Russian Federation's Criminal Code including larceny, creation and distribution of malicious software, and unauthorized access to computer information.

Group-IB have identified them as using Win32/Carberp and Win32/RDPdoor in pursuit of criminal profit, going beyond stealing banking credentials and plundering bank accounts to DDoS (Distributed Denial of Service) attacks. It's been suggested that if convicted, they can expect sentences of up to 10 years.

I'm looking forward to hearing more about joint research into Carberp and Blackhole in a presentation from Aleksandr Matrosov, Eugene Rodionov, Dmitry Volkov and Vladimir Kropotov at CARO 2012 later this year.

David Harley CITP FBCS CISSP
ESET Senior Research Fellow

  • Aryeh Goretsky

    I just wanted to let readers know that the ESET Threat Encyclopedia entries for both the Carberp trojan and the CVE-2012-0507 exploit have been updated and can be found at

    in ESET's Threat Encyclopedia.

  • Leonard

    Thanks, now I can go out and sell my couch and carpets.
