Strategic Security Survey: Global Threat, Local Pain
|(click for larger image and for full photo gallery)|
The scheme allegedly involved using the Zeus (aka Zbot) financial malware toolkit to infect PCs with malware, steal people's passwords and banking details, and then their money.
Revising original estimates that the cybercrime ring netted $3 million, the FBI revealed that the ring attempted to steal $220 million in total, with direct losses to victims' bank accounts totaling $70 million.
"We believe we have disrupted a highly organized criminal network, which has used sophisticated methods to siphon large amounts of cash from many innocent peoples' accounts," according to a statement from deputy chief inspector Terry Wilson of the Metropolitan Police Central e-Crime Unit.
The FBI said its investigation, code-named Operation Trident Breach, "began in May 2009, when FBI agents in Omaha, Nebraska, were alerted to automated clearing house (ACH) batch payments to 46 separate bank accounts throughout the United States."
The operation then expanded to include law enforcement agencies in the United States, United Kingdom, the Netherlands, as well as Ukraine. "During this investigation, the FBI worked closely with our overseas counterparts to identify subjects who were instrumental in the development and control of the malicious software, those who facilitated the use of malware, and those who saw a means to make quick, easy money -- the mules," said the assistant director of the FBI's cyber division, Gordon M. Snow, in a statement.
The so-called "money mules" operated as intermediaries between the Zeus cybercrime ring's masterminds and people's bank accounts. Using stolen credentials, the mules would withdraw cash from within the same country as the banking customer's account, to reduce the chance that the account would be frozen due to suspected fraud.
According to a statement from FBI director Robert S. Mueller III, "no one country, no one company, and no one agency can stop cybercrime." Indeed, cybercrime knows no borders, and furthermore the world lacks any kind of international cybercrime treaty. Accordingly, U.S. law enforcement agencies increasingly must build ties with their counterparts abroad, to successfully investigate and pursue criminals in other jurisdictions who operate online.