Source Code of Ratopak/Pegasus Spyware Targeting the Financial Sector Recently Leaked

On July 6, 2018, a post claiming to contain the source code of Carbanak group malware was published on a Russian-speaking underground forum. Soon after the sharing of the code on the Russian underground, it was uploaded by an unknown actor to the text-sharing platform Pastebin, making it accessible to all. At the same time, malware researchers analyzing the shared code discovered the malware is not one used by the Carbanak group, but rather, it is the Ratopak/Pegasus spyware, used in attacks against Russian banks in 2016. Continue reading “Source Code of Ratopak/Pegasus Spyware Targeting the Financial Sector Recently Leaked”