successful attacks against banking institutions conducted between August 2015 and February 2016
stolen from Russian banks
average banking losses
the average amount of theft as compared to the bank’s charter capital
Tactics, Technics and Procedures (TTPs) and detailed descriptions of attack vectors
How the malware spreads
through internal banking network
The timeline of the Buhtrap
group activity and the chronology
of attacks against banks
Indicators of Compromise (IoCs)
of banking malware
Knowing the dynamics and the ways, how threat actors develop and tune their industry‑specific attacks is vital to be one step ahead cybercriminals. Anunak, Corkow and Buhtrap are not the only cyber groups actively attacking banks. We have detected at least two more cyber gangs which are believed to be preparing attacks against financial institutions.
Due to the constantly evolving threat landscape, the necessity to keep your security strategy and tactics up to pace with it has never been more crucial. We are devoted to staying ahead of the curve and providing the industry with the latest cyber threat intelligence both through public reports and our Threat Intelligence service.
Head of the Investigation Department
and the Threat Intelligence service
Threat Intelligence subscribers are always on the forefront and were made aware of the recent Buhtrap spear-phishing emails the same day they were sent. Additionally, reports included both mailings details and payload analysis. The data we provided proved vital in preventing attacks against clients exposed to Buhtrap risks.
We help to prevent and investigate cyber attacks at every stage, from reconnaissance or preparation to threat actors taking actions to achieve objectives. Furthermore, we prevent the spread of the attack and ensure that your infrastructure is clean of the presence of infection.
Contact us to learn more: +7 495 984-33-64 or firstname.lastname@example.org
Learn about threats, leakages, attacks, and hacking activity before they can harm your business
Detect malicious incidents
in your internal network to prevent intrusions, attacks, data leaks, and espionage
CERT-GIB – 24/7 emergency response and effective incident management
The largest computer forensics laboratory in Easter Europe, with an experienced investigation team
Group-IB is one of the global leaders in preventing and investigating high-tech crimes and online fraud. Since 2003, the company has been active in the field of computer forensics and information security, protecting the largest international companies against financial losses and reputation risks.
We are recognized by Gartner as a threat intelligence vendor with strong cyber security focus and the ability to provide leading insight to the Eastern European region and recommended by the Organization for Security and Co-operation in Europe (OSCE).
Group-IB’s experience and threat intelligence has been fused into an eco-system of highly sophisticated software and hardware solutions to monitor, identify and prevent cyber threats.Learn more