Menu
русскийenglish
Analysis of attacks against trading and bank card systemGroup-IB annual report on speculative fluctuations of exchange rate and other incidents in 2015 caused by the Trojan program Corkow (Metel)Request

Facts about Corkow:

for 6 months

and more the trojan could stay undetected in the system

14 minutes

lasted the attack that caused a high volatility in the exchange rate

20%

reached volatility of the ruble against the dollar during attack (from 55 to 66 rubles)

over 250 000

devices were infected with Corkow worldwide, and the scale of botnet increased daily

Download the report to learn more about:

detailed overview of the incident, when trading system was attacked by Corkow

cybercriminals’ approach and geographic spread of Corkow malware

indicators of compromise and recommendations for defense

technical analysis of the trojan and its functionality

Judging by the method of infecting devices and corporate networks, we can conclude that all infections were conducted on a random “non-targeted” basis. However, as our previous investigations on Anunak group displayed, access to any computer on a corporate network gives access to even the most highly protected banking systems. The attacks against the trading system and bank card system were conducted under the same scenario and thus we can forecast similar attacks against financial institutions in Russia, EU, the Middle East, Asia and the USA in the future.

Dmitry Volkov

Chief Technical Officer, Сo‑founder Group‑IB

Group-IB research on targeted attack groups

Cryptocurrency Exchanges
August 2018

2018 Cryptocurrency Exchanges

Estimation of the number of login and passwords leaks of cryptoсurrency exchanges users and analysis their nature. Recommendations for ensuring security of users and exchanges.
Request Learn more
MoneyTaker
May 2018

Cobalt: their evolution and joint operations

Learn about Cobalt’s development and modification of tools and tactics which were used to steal approximately 1 billion dollars from over 100 banks in 40 different countries.
Request Learn more
MoneyTaker
December 2017

MoneyTaker

This hacker group is noticeable for 1.5 years of silent operations and multiple attacks. They still pose a threat: learn about MoneyTaker techniques and indicators of compromise now.
 
Request Learn more
Hi-Tech Crime Trends 2017
October 2017

Hi-Tech Crime Trends 2017

Introducing the research on cyber-security trends and predictions for the next year. Plan your cyber security strategy effectively.
 
Request Learn more
Lazarus Arisen: Architecture, Techniques and Attribution
May 2017

Lazarus Arisen: Architecture, Techniques and Attribution

In-depth research, containing recommendations on how to track their involvement in recent attacks.
 
Request Learn more
Hi-Tech Crime Trends 2016
October 2016

Hi-Tech Crime Trends 2016

Learn about the evolution of cyber crime in 2016 and find out what predictions for 2017 came true. Spoiler: most of them did.
 
Request Learn more
Cobalt Group-IB report
December 2017

Cobalt: logical attacks on ATMs

The Cobalt’s group members did not touch the ATMs, just took the money. Discover how the “touchless jackpotting” worked.
 
Request Learn more
Buhtrap: the evolution of targeted attacks against financial institutions
March 2016

Buhtrap: the evolution of targeted attacks against financial institutions

This research gives the details about the methods of the hacker group, which carried out 13 successful attacks against banking institutions.
 
Request Learn more
Analysis of attacks against trading and bank card system
February 2015

Analysis of attacks against trading and bank card system

Group-IB annual report on speculative fluctuations of exchange rate and other incidents in 2015 caused by the Trojan program Corkow (Metel).
 
Request Learn more
Anunak: APT against financial institutions
December 2014

Anunak: APT against financial institutions

This research includes the findings of Group-IB and Fox‑IT on Anunak (Carbanak) group, which focused its activity on banks and electronic payment systems.
Download
Cryptocurrency Exchanges
August 2018

2018 Cryptocurrency Exchanges

Estimation of the number of login and passwords leaks of cryptoсurrency exchanges users and analysis their nature. Recommendations for ensuring security of users and exchanges.
Request Learn more
MoneyTaker
May 2018

Cobalt: their evolution and joint operations

Learn about Cobalt’s development and modification of tools and tactics which were used to steal approximately 1 billion dollars from over 100 banks in 40 different countries.
Request Learn more
MoneyTaker
December 2017

MoneyTaker

This hacker group is noticeable for 1.5 years of silent operations and multiple attacks. They still pose a threat: learn about MoneyTaker techniques and indicators of compromise now.
Request Learn more
Hi-Tech Crime Trends 2017
October 2017

Hi-Tech Crime Trends 2017

Introducing the research on cyber-security trends and predictions for the next year. Plan your cyber security strategy effectively.
 
Request Learn more
Lazarus Arisen: Architecture, Techniques and Attribution
May 2017

Lazarus Arisen: Architecture, Techniques and Attribution

In-depth research, containing recommendations on how to track their involvement in recent attacks.
Request Learn more
Hi-Tech Crime Trends 2016
October 2016

Hi-Tech Crime Trends 2016

Learn about the evolution of cyber crime in 2016 and find out what predictions for 2017 came true. Spoiler: most of them did.
 
Request Learn more
Cobalt Group-IB report
December 2017

Cobalt: logical attacks on ATMs

The Cobalt’s group members did not touch the ATMs, just took the money. Discover how the “touchless jackpotting” worked.
 
Request Learn more
Buhtrap: the evolution of targeted attacks against financial institutions
March 2016

Buhtrap: the evolution of targeted attacks against financial institutions

This research gives the details about the methods of the hacker group, which carried out 13 successful attacks against banking institutions.
Request Learn more
Anunak: APT against financial institutions
December 2014

Anunak: APT against financial institutions

This research includes the findings of Group-IB and Fox‑IT on Anunak group, which focused its activity on banks and electronic payment systems.
Download

Advanced protection against cyber threats

Group-IB’s security ecosystem provides comprehensive protection for your IT infrastructure based on our unique cyber intelligence and deep analysis of attacks and incident response.

Threat
Intelligence

Аctionable, finished intelligence to track actors and prevent attacks before they happen

Threat Detection System

Intelligence-driven network protection even from the most advanced attacks

Secure Bank
 

Client-side fraud and attack prevention system for online banking, working across sessions, platforms and devices

Secure Portal
 

Protection from bots, fraud and data leakage for e‑commerce and web portals

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Report an incident

24/7 Incident Response Assistance +7 495 984-33-64

Thank you!
We will contact you soon.