Carbanak malware was recording video of victims' desktops
April 26, 2019 / Michael Heller
Researchers from FireEye spent hundreds of hours analyzing the Carbanak backdoor malware and its source code and were surprised by some of the features it contained.

Following hundreds of hours analyzing the Carbanak malware and source code, security researchers found surprising features and complexity, including the ability to record video of infected desktops.

Michael Bailey and James Bennett, staff reverse engineers for FireEye, spent a combined 469 hours analyzing the Carbanak backdoor and its source code over the course of two years. Bennett reverse engineered the Carbanak malware itself, and Bailey analyzed the source code that was discovered posted to VirusTotal in August 2017.

Bailey's analysis of the Carbanak source code uncovered a complex piece of malware that included features such as vendor-specific antivirus evasion techniques, obfuscation techniques, a build tool to allow for different configurations and even a custom-built video player and file format.