UK police arrest 19 in Zeus crimeware bust

U.K. police rounded up 19 people Tuesday in a pre-dawn raid targeting a criminal network using the Zeus banking trojan.

Police say that the gang made £6 million (US$9.5 million) in a three-month period by stealing passwords and login names from Windows computers and then using that information to set up unauthorized balance transfers to accounts controlled by the criminals.

"We believe we have disrupted a highly organised criminal network, which has used sophisticated methods to siphon large amounts of cash from many innocent peoples' accounts," said Detective Chief Inspector Terry Wilson, of London's Metropolitan Police Services, in a statement.

The Daily Mail posted photos of the raid, showing gang members being hauled away to jail. Charges have not yet been filed against those arrested but are expected soon, a Metropolitan Police spokesman said Wednesday.

There were 15 men and four women arrested in all. Their ages range between 23 and 47.

Zeus is a well-known Trojan horse program, thought to have infected millions of computers worldwide. Zeus comes in many variants, so while the U.K. arrests may be a blow against some of those responsible, they will not stop the malware from spreading.

As of Wednesday there were still more than 160 Zeus command-and-control servers in operation, according to Gary Warner, director of research in computer forensics with the University of Alabama at Birmingham.

"We don't think any of the people running any of the big Zeus networks are British," he said. He thinks that British authorities may have arrested a network of "money mules" -- people who specialized in removing money from U.K. banks and possibly customizing the Trojan to work in the country.

"The Zeus Trojan poses a sizeable threat to the safe use of the Internet and is being used increasingly by cyber-criminals worldwide - not simply those believed to be involved in this case," the Metropolitan Police said.

In the U.S., Zeus malware is notorious for stealing credentials belonging to small businesses and small organizations and then emptying hundreds of thousands of dollars in a matter of hours.

Thousands of PCs in the U.K. have been infected by Zeus, the Metropolitan Police said.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies