10/4/2010
10:42 AM

Zeus Cybercrime Sting Produces Ukrainian Arrests

Alleged ringleaders of the financial malware botnet were responsible for stealing $70 million from individuals' bank accounts, said the FBI.




New details emerged on Friday relating to the Zeus financial cybercrime ring busted last week by authorities. On Thursday, said the Federal Bureau of Investigation, the Security Service of Ukraine (known as the SBU) "detained five individuals who were key subjects responsible for this overarching scheme."

The scheme allegedly involved using the Zeus (aka Zbot) financial malware toolkit to infect PCs with malware, steal people's passwords and banking details, and then their money.

Revising original estimates that the cybercrime ring netted $3 million, the FBI revealed that the ring attempted to steal $220 million in total, with direct losses to victims' bank accounts totaling $70 million.

"We believe we have disrupted a highly organized criminal network, which has used sophisticated methods to siphon large amounts of cash from many innocent people's accounts," according to a statement from deputy chief inspector Terry Wilson of the Metropolitan Police Central e-Crime Unit.

The FBI said its investigation, code-named Operation Trident Breach, "began in May 2009, when FBI agents in Omaha, Nebraska, were alerted to automated clearing house (ACH) batch payments to 46 separate bank accounts throughout the United States."

The operation then expanded to include law enforcement agencies in the United States, the United Kingdom, and the Netherlands, as well as Ukraine. "During this investigation, the FBI worked closely with our overseas counterparts to identify subjects who were instrumental in the development and control of the malicious software, those who facilitated the use of malware, and those who saw a means to make quick, easy money -- the mules," said the assistant director of the FBI's cyber division, Gordon M. Snow, in a statement.

The so-called "money mules" operated as intermediaries between the Zeus cybercrime ring's masterminds and people's bank accounts. Using stolen credentials, the mules would withdraw cash from within the same country as the banking customer's account, to reduce the chance that the account would be frozen due to suspected fraud.

According to a statement from FBI director Robert S. Mueller III, "no one country, no one company, and no one agency can stop cybercrime." Indeed, cybercrime knows no borders, and furthermore the world lacks any kind of international cybercrime treaty. Accordingly, U.S. law enforcement agencies increasingly must build ties with their counterparts abroad, to successfully investigate and pursue criminals in other jurisdictions who operate online.
