Two Carbanak hackers sentenced to eight years in prison in Kazakhstan
Two members of the Carbanak (Cobalt) cybercrime group were sentenced today in a Kazakhstan court to eight years in prison for stealing from Kazakhstan banks.
The sentencing was announced today by the Almaty city prosecutor’s office.
The two hackers, whose names were not released, were found guilty of hacking into the IT systems of several Kazakh banks between 2016 and 2017, from where they stole more than 2 billion tenges ($4.6 million).
The stolen money was sent to 250 payment cards, which were then sent to Europe, and the funds cashed out through ATMs across Russia, Germany, Czech Republic, Estonia, Spain, Switzerland, Slovakia, Poland, the Netherlands, Lithuania, Belgium, and France.
The hackers, which operated part of the Carbanak group, also failed in stealing 8 billion tenges ($18.6 million), prosecutors said.
“The rest of the members of this criminal organization have been identified and are on the international wanted list,” Kazakh officials added.
The Carbanak group was first seen operating in 2013. By 2015, the group managed to breach more than 100 banks in 40 countries around the world and stole more than $1 billion, according to a Kaspersky investigation.
The suspect arrested in Germany, believed to be the gang’s leader, was sentenced to 10 years in April 2021.
The suspects sentenced today in Almaty now become the 5th and 6th Carbanak members to face the music.
After the 2018 arrests, the Carbanak group splintered into smaller groups, which continued to target the financial sector, and some also dabbled in ransomware; however, the group stopped operating as a whole at its previous scale.