Combi Security, an Israeli-Russian front company, was central to operations organised by the cybercriminal group known as Fin7. Using the Carbanak malware, Fin7 carried out a series of sophisticated attacks on banking institutions in over thirty countries, stealing more than €1 billion over a span of three years. The malware gave the attackers unauthorized remote access to financial systems, which they used to manipulate ATMs into dispensing cash ('jackpotting') and to compromise point-of-sale data. The thefts caused massive financial losses for the affected institutions and compromised the details of 15 million payment cards, particularly impacting over 120 U.S. companies, including notable names like Chipotle and Arby’s. Despite the arrests of several key figures, including the supposed ringleader in Spain and three Ukrainian nationals by the U.S. Department of Justice, the full extent of the damage and the possibility that the group continues its criminal activities using different techniques remain concerns for global financial security.
Source: https://www.occrp.org/en/component/tags/tag/combi-security
TPRM report: https://scoringcyber.rankiteo.com/company/westrockcompany
"id": "wes424042824",
"linkid": "westrockcompany",
"type": "Breach",
"date": "1/2013",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'customers_affected': '120 U.S. companies, including '
                                              'Chipotle and Arby’s',
                        'industry': 'Banking',
                        'location': ['Over thirty countries'],
                        'name': 'Various banking institutions',
                        'type': 'Financial'}],
 'attack_vector': 'Malware',
 'data_breach': {'number_of_records_exposed': '15 million',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Payment card details'},
 'description': 'Combi Security, an Israeli-Russian front company, was central '
                'to operations organised by the cybercriminal group known as '
                'Fin7. Using the Carbanak malware, Fin7 successfully '
                'orchestrated a series of sophisticated attacks targeting over '
                "thirty countries' banking institutions, accumulating thefts "
                'surpassing €1 billion over a span of three years. The malware '
                'facilitated unauthorized remote access to financial systems, '
                'enabling manipulation of ATM machines for cash withdrawal '
                "('jackpotting') and compromising point-of-sale data. These "
                'orchestrated thefts culminated in massive financial losses '
                'for the affected institutions and compromised the details of '
                '15 million payment cards, particularly impacting over 120 '
                'U.S. companies, including notable names like Chipotle and '
                'Arby’s. Despite the arrests of several key figures, including '
                'the supposed ringleader in Spain and three Ukrainian '
                'nationals by the U.S. Department of Justice, the full extent '
                'of the damage and the potential continuation of their '
                'criminal activities under different techniques remain '
                'concerns for global financial security.',
 'impact': {'data_compromised': '15 million payment cards',
            'financial_loss': 'Over €1 billion',
            'systems_affected': ['ATM machines', 'Point-of-sale systems']},
 'motivation': 'Financial Gain',
 'response': {'law_enforcement_notified': 'U.S. Department of Justice'},
 'threat_actor': 'Fin7',
 'title': 'Fin7 Cyber Attacks using Carbanak Malware',
 'type': 'Cyber Attack',
 'vulnerability_exploited': 'Unauthorized remote access, ATM jackpotting, '
                            'Point-of-sale data compromise'}