Source Code for CARBANAK Banking Malware Found On VirusTotal [thehackernews]
by CIRT Team
Security researchers have discovered the full source code of the Carbanak malware—yes, this time it’s for real.
Carbanak—sometimes referred to as FIN7, Anunak or Cobalt—is one of the most full-featured, dangerous pieces of malware, and belongs to an APT-style cybercriminal group involved in several attacks against banks, financial institutions, hospitals, and restaurants.
In July last year, there was a rumor that the source code of Carbanak was leaked to the public, but researchers at Kaspersky Lab later confirmed that the leaked code was not the Carbanak Trojan.
Now cybersecurity researchers from FireEye have revealed that they found Carbanak’s source code, builders, and some previously unseen plugins in two RAR archives [1, 2] that were uploaded to the VirusTotal malware scanning engine two years ago from a Russian IP address.
“CARBANAK source code was 20MB comprising 755 files, with 39 binaries and 100,000 lines of code,” researchers say. “Our goal was to find threat intelligence we missed in our previous analyses.”
FireEye researchers plan to release a 4-part series of articles detailing CARBANAK features and analysis based on its source code and reverse engineering.