The leader of an alleged cybercrime gang was detained in Alicante, Spain. He is known as Denis K, who has Russian and Ukrainian national passports. He was reportedly behind the Carbanak and Cobalt malware attacks targeting over a 100 financial institutions worldwide. Also, during the special operation  his three suspected accomplices of Russian and Ukrainian originwere arrested. In total, the police managed to identify 15 participants.

The activities of this group hit banks in more than 40 countries and led to cumulative losses of over 1 billion euros. According to Europol, almost all Russian banks were affected and about 50 of them did lose money in attacks.

The crime syndicate focused their efforts on attacks by using tailor-made malware based on the Cobalt Strike penetration testing software. Its profits were also “laundered via cryptocurrencies, by means of prepaid cards linked to the cryptocurrency wallets which were used to buy goods such as luxury cars and houses.”

The Spanish police, in order to expose the hackers, cooperated with the support of Europol, the US FBI, the Romanian, Moldovan, Belarussian and Taiwanese authorities and private cybersecurity companies.

Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3), said: “This global operation is a significant success for international police cooperation against a top-level cybercriminal organization. The arrest of the key figure in this crime group illustrates that cybercriminals can no longer hide behind perceived international anonymity.”