Update: U.S. charges 60 in connection with the Zeus Trojan
IDG News Service -
U.S. authorities have charged more than 60 people in connection with the money-stealing Zeus Trojan program, according to the U.S. Department of Justice.
Zeus has been a major problem for computer users and financial institutions over the past few years. Once installed on the victim's PC, the malware can be used to log into a victim's bank account and transfer funds to another account controlled by the criminals.
The malicious software is sold in black market forums and there are more than a dozen Zeus gangs in operation worldwide. Security experts say that the gangs have netted more than $200 million since Zeus was discovered in 2006.
The U.S. arrests involve so-called money mules, people who are paid to set up accounts that receive stolen funds and then move the money out of the country, typically via a wire service such as Western Union.
The DOJ has scheduled a press conference in Manhattan on Thursday afternoon to further discuss the arrests.
According to documents seen by IDG News Service, prosecutors have filed a total of 26 complaints. In the complaints, investigators from agencies including the U.S. Federal Bureau of Investigation, along with State Department special agents, describe an elaborate network used to launder funds stolen by the Zeus malware.
One of the complaints describes in depth the use of money "mules" to facilitate the transfer of funds into criminal accounts. Mules agree to allow funds to be transferred out of victims' accounts into their own accounts. Those funds are typically withdrawn quickly and wired elsewhere before banks detect the fraud.
But that was a risky job, involving withdrawing cash from the banks either in person or by visiting cash machines, both of which would be under video surveillance.
"The mule organization typically recruited mules from Eastern Europe who were either planning to travel to or were already present in the United States on J1 visas," according to the complaint lodged against three individuals: Artem Semenov, Almira Rakhmatulina and Julia Shpirko.
The J1 visa is a non-immigrant visa granted to people such as students. When those mules arrived in the U.S., they were given fake foreign passports in order to open more bank accounts. Stolen funds were transferred to those accounts in amounts close to $10,000, according to the complaint.
"The mules kept a portion of the fraudulent proceeds for themselves -- usually 8 to 10% -- and transferred the rest to other participants in the fraudulent scheme," the complaint said.
Semenov, Rakhmatulina and Shpirko were charged with conspiracy to commit bank fraud and conspiracy to possess false identification documents. Semenov and Rakhmatulina were also charged with false use of a passport.
Customs officers intercepted a United Parcel Service package shipped from Moldova addressed to Semenov at a residence in Brooklyn, New York. Inside the package were several passports, including some with Semenov's photograph but different names such as "Petar Stojanovic" and "Victor Rajkov."