Source code of Carbanak trojan found on VirusTotal


Carbanak FIN7

The source code of one of the world’s most dangerous malware strains has been uploaded and left available on VirusTotal for two years, and almost nobody has noticed.

It was discovered by security researchers from US cyber-security firm FireEye, analyzed for the past two years, and made public today, so other members of the cyber-security community can also benefit from the company’s finding.


The source code is for the Carbanak malware, a backdoor trojan that is the work of the FIN7 gang, also known under the names of Carbanak, Anunak, or the Cobalt Group.

FIN7 is one of the world’s most dangerous and prolific hacker groups known to date, being responsible for hacks and thefts from banks and financial institutions of more than €1 billion.

The Carbanak backdoor is the group’s second-generation malware strain, which they developed and used as their primary tool to aid in intrusions on banks’ networks.

Read more…