In one of the most significant cyber heists, the Carbanak banking Trojan, attributed to the criminal group Fin7, led to losses exceeding €1 billion across banks in over thirty countries. This meticulously executed operation began with the leak of Carbanak's source code in 2013, empowering several gangs to perpetrate extensive financial theft. Employing spear-phishing tactics, the attackers lured employees of financial institutions to click on malicious documents, facilitating unauthorized network access. This access enabled them to manipulate ATMs for cash withdrawals and compromise point-of-sale systems. The process of each theft spanned months, involving mules to funnel stolen funds into criminal accounts. Despite arrests, including the gang's leader in Spain and three Ukrainian individuals by the U.S. DOJ, the full extent of the network and its operations, including potential ongoing activities, remains partly veiled. Europol's involvement in tackling this cybercriminal enterprise underscores the intricate, cross-border nature of combatting cybercrime, emphasizing the need for robust cybersecurity measures and international cooperation.
Source: https://carnegieendowment.org/specialprojects/protectingfinancialstability/timeline
"id": "eur405050824",
"linkid": "europol",
"type": "Vulnerability",
"date": "03/2018",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"