The Spanish National Police, in cooperation with law-enforcement agencies of other countries, has detained 34-year-old Ukrainian Denys K., suspected of involvement in cyberattacks against banks around the world, including in Russia.
According to the Spanish newspaper El Mundo, the total damage caused by the criminal ring under his lead reached about 1bn dollars.
The Ukrainian arrived in Spain in 2014. On 6 March 2018, he was detained in Alicante, Valencia. It is believed that the Ukrainian was the mastermind of the Cobalt group, which has operated since 2013 and stolen hundreds of millions of dollars. The group included three more people, two Ukrainians and a Russian.
They infected banks' computer systems with the help of malicious software, which allowed them to remotely withdraw money from ATMs, change bank balances and modify accounts. The stolen money was exchanged into crypto currency.
The operation was carried out in cooperation with the FBI and Europol, as well as law-enforcement agencies of other states.
The Ukrainian Cyber Police, for its part, said that they had identified a member of the international hacker group Cobalt.
The 30-year-old Kyiv resident is suspected of involvement in the development of viruses, cyber espionage and sale of personal data stolen around the world. The hacker also sold a variety of malicious software, and his viruses were used to remotely access victims' computers and fully control them.
"The police found that the man has been a member of a hacker group known as Cobalt since 2016, whose members are involved in mass attacks on various international banks. He was responsible for developing and supporting the proper operation of exploits that targeted vulnerabilities in the most common software products," the police said.
After gaining access to a computer, the attacker received personal information and bank details of all customers of a bank or a hotel whose computers were infected. This information was then sold. It was established that during one of such transactions he managed to sell about 140,000 bank card details. According to preliminary estimates, he earned almost 1.5m dollars on this transaction.
Law enforcers conducted searches at the attacker's flat. It is not reported whether he was detained.