The CARBON SPIDER group, also known as the Carbanak group, is a sophisticated cybercriminal enterprise known for targeting a wide range of industries, including banking, financial, media, technology, hospitality, and food and beverage sectors, primarily through the use of custom tools like Sekur. Initially thought to be a single entity, the group's activities have been divided into several clusters, suggesting possible splintering into subgroups with distinct missions and shared resources. These clusters include targeting point-of-sale systems in Western enterprises, Russian banking institutions, and Middle Eastern financial entities. The group's operations have evolved over time, with indications of a shift away from their previously relied-upon custom tools and a focus on exploiting sectors that provide significant financial returns, such as hospitality and restaurant POS systems. Recent arrests of key members have further impacted their operational strategies, and CrowdStrike continues to monitor CARBON SPIDER's activities using advanced intelligence capabilities to prevent breaches and adapt to their changing tactics.