The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks.
The Carbanak gang was first discovered by Kaspersky Lab in 2015, the group has stolen at least $300 million from 100 financial institutions.
The Carbanak malware has been active since at least 2014 and has been used by ransomware gangs to infiltrate financial systems. The threat actors used sophisticated phishing techniques against bank employees. The malware was used to gain initial access to the target networks through human-operated activity and take control of payment processing services.