German Police Arrest 10 International Phishing Suspects - InformationWeek
Software // Enterprise Applications
04:38 PM

German Police Arrest 10 International Phishing Suspects

An 18-month police investigation led to the arrests of an alleged group of Russian, Ukrainian, and German phishers who were spending their loot on luxury cars and jewelry.

German authorities this week arrested a group of 10 people accused of running a Trojan horse phishing attack that has been targeting users' bank accounts.

The group includes Russian, Ukrainian, and German suspects, according to a release issued by Germany's Federal Crime Office. An 18-month police investigation culminated in arrests on Tuesday in several German cities, including Dusseldorf, Cologne, and Frankfurt. Toralv Dirro, a researcher with McAfee's Avert Labs, wrote in a blog post that investigators seized "a number of computers" during the arrests.

The defendants allegedly bought jewelry, cars, and luxury holidays with the money they made off the scam.

The group is alleged to have targeted online banking users by sending them fraudulent e-mails claiming to come from Deutsche Telekom, eBay, Wal-Mart, Ikea, or the German television licensing organization. Researchers at security company Sophos noted that attachments to the e-mails contained various Trojan horses, such as Troj/Clagger-AZ and Troj/DwnLdr-FYH.

"The German authorities deserve credit for putting the resources into investigating the deluge of malicious e-mails that computer users in their country were receiving in these campaigns," said Graham Cluley, senior technology consultant for Sophos, in a written statement. "The financial rewards for cybercrime are significant, and we are seeing more organized gangs getting involved in this kind of crime all the time. Everyone who has a computer needs to learn how to properly defend themselves, or risk having their money and identity stolen."

Dirro said the downloader Trojan connected with this group is ranked first in the list of Top Corporate User Malware in Avert Labs' Threat Library. Dirro also noted that German investigators "a number of computers" during their searchers.

"For many months there have been several waves a week of phishing e-mails sent with new variants of this downloader, that when executed would install some keylogging Trojan," wrote Dirro. "The e-mails typically look like a receipt sent from some company with details supposedly found in the attached .zip. Some of these e-mails even claimed to have come from German law enforcement agencies..."

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
[Interop ITX 2017] State Of DevOps Report
[Interop ITX 2017] State Of DevOps Report
The DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll