Two Carbanak hackers sentenced to eight years in prison in Kazakhstan
Catalin Cimpanu June 2, 2021

Two Carbanak hackers sentenced to eight years in prison in Kazakhstan

Two Carbanak hackers sentenced to eight years in prison in Kazakhstan

Two members of the Carbanak (Cobalt) cybercrime group were sentenced today in a Kazakhstan court to eight years in prison for stealing from Kazakhstan banks.

The sentencing was announced today by the Almaty city prosecutor’s office.

The two hackers, whose names were not released, were found guilty of hacking into the IT systems of several Kazakh banks between 2016 and 2017, from where they stole more than 2 billion tenges ($4.6 million).

The stolen money was sent to 250 payment cards, which were then sent to Europe, and the funds cashed out through ATMs across Russia, Germany, Czech Republic, Estonia, Spain, Switzerland, Slovakia, Poland, the Netherlands, Lithuania, Belgium, and France.

The hackers, which operated part of the Carbanak group, also failed in stealing 8 billion tenges ($18.6 million), prosecutors said.

“The rest of the members of this criminal organization have been identified and are on the international wanted list,” Kazakh officials added.

The Carbanak group was first seen operating in 2013. By 2015, the group managed to breach more than 100 banks in 40 countries around the world and stole more than $1 billion, according to a Kaspersky investigation.

Carbanak-victims
Image: Kaspersky

A first Carbanak member was arrested in March 2018 in Spain. Subsequent arrests followed in August 2018 in Germany and Ukraine (two members), and all were extradited to the US to face charges.

The suspect arrested in Germany, believed to be the gang’s leader, was sentenced to 10 years in April 2021.

The suspects sentenced today in Almaty now become the 5th and 6th Carbanak members to face the music.

After the 2018 arrests, the Carbanak group splintered into smaller groups, which continued to target the financial sector, and some also dabbled in ransomware; however, the group stopped operating as a whole at its previous scale.

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.