Analysis of attacks against trading and bank card systemGroup-IB annual report on speculative fluctuations of exchange rate and other incidents in 2015 caused by the Trojan program Corkow (Metel)Request

Facts about Corkow:

for 6 months

and more the trojan could stay undetected in the system

14 minutes

lasted the attack that caused a high volatility in the exchange rate

20%

reached volatility of the ruble against the dollar during attack (from 55 to 66 rubles)

over 250 000

devices were infected with Corkow worldwide, and the scale of botnet increased daily

Download the report to learn more about:

detailed overview of the incident, when trading system was attacked by Corkow

cybercriminals’ approach and geographic spread of Corkow malware

indicators of compromise and recommendations for defense

technical analysis of the trojan and its functionality

Judging by the method of infecting devices and corporate networks, we can conclude that all infections were conducted on a random “non-targeted” basis. However, as our previous investigations on Anunak group displayed, access to any computer on a corporate network gives access to even the most highly protected banking systems. The attacks against the trading system and bank card system were conducted under the same scenario and thus we can forecast similar attacks against financial institutions in Russia, EU, the Middle East, Asia and the USA in the future.

Dmitry Volkov

Chief Technical Officer, Сo‑founder Group‑IB

Group-IB research on targeted attack groups

EY and Group-IB joint research: initial coin offerings (ICOs).

Thank you for your interest in our research. Please fill in the form below and we will send you the Group‑IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid
corporate email address.

 

Thank you! You’ll receive EY report shortly. Have you any questions, please contact us via crypto@Group‑IB.com.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Thank you for your interest in our research.
Please fill in the form below and we will send you the Group-IB report. Please make sure to correctly fill in all fields, we will only provide materials on provision of a valid corporate email address.

 

Thank you for the inquiry!
We will contact you soon.

Report an incident

24/7 Incident Response Assistance +7 495 984-33-64

Thank you!
We will contact you soon.