Issue link: https://insights.oneneck.com/i/1458399
32 Data Center & Hybrid Cloud Security For Dummies, Palo Alto Networks Special Edition These materials are © 2020 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited. CARBANAK: THE GREAT BANK ROBBERY Carbanak is one example of a targeted attack that began in August 2013 and is currently still active despite the arrest of the alleged Carbanak "mastermind" in March 2018. The attackers have sent spear-phishing emails with malicious Control Panel file (.cpl) attach- ments or Word documents exploiting known vulnerabilities. When an initial system has been compromised, additional reconnaissance is performed to identify automated teller machines (ATMs), financial accounts, or other areas where money can be transferred for even- tual extraction. Each raid has lasted two to four months. To date, the attackers have targeted more than 100 financial institutions and busi- nesses, causing aggregated losses estimated at more than $1 billion.