Zeus Trojan bust reveals sophisticated 'money mules' operation in U.S.
Crooks used fake passports, false identities to set up bank accounts for moving stolen money
Computerworld - Court documents released in connection with indictments announced on Thursday in a massive international cybercrime operation that resulted in millions of dollars being plundered from domestic bank accounts provide a fascinating -- if scary -- glimpse into how the crooks operated within the U.S.
The U.S. Attorney's Office in Manhattan announced on Thursday that it had charged 37 individuals for their role in a scheme that involved the use of a sophisticated banking Trojan program and numerous "money mules" to steal from dozens of U.S. business accounts.
The charges in the U.S. followed similar arrests in the U.K., where authorities on Tuesday charged 11 Eastern European citizens in connection with the same scam. The operation in the U.S. was code-named ACHing Mules, in apparent reference to the fact that unauthorized automated clearinghouse (ACH) transactions were typically used to siphon money out of business accounts.
All of the individuals charged in the U.S. so far are from Russia and East European countries and were either money mules who helped transfer stolen money out of the U.S., or individuals who managed or recruited them.
Most of those charged on Thursday entered the country on J-1 non-immigrant visas, which are frequently used by students in cultural exchange programs and other short-term training programs. The visas allow those holding them to remain in the country for months at a time and permit them to open U.S. bank accounts.
A statement released by the U.S. Attorney's Office said the actual thefts were perpetrated out of Eastern Europe by crooks who used the Zeus banking Trojan to break into computers at small businesses and small municipalities.
The malware was used to steal online banking credentials, which were then used to access bank accounts belonging to the small business or municipality. The perpetrators would then withdraw money from the compromised accounts, typically in amounts just under $10,000, and transfer it to fraudulent U.S. bank accounts set up by the money mules.
The mules would quickly withdraw the funds and send them to the perpetrators after retaining a portion -- about 10% -- for themselves.
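The flow described above leaves a recognizable trace on the receiving side. The following detection sketch is an added example, not part of the original article or the court documents; the record fields, thresholds, account IDs and ledger entries are all constructed assumptions. It flags recently opened accounts that receive an ACH credit just under $10,000 and pay most of it out again within two days.

```python
from datetime import datetime, timedelta

# Assumed tuning values; the article gives only "just under $10,000",
# "quickly" and "about 10%" retained by the mule.
CREDIT_BAND = (9000.00, 10000.00)   # inbound amount, upper bound exclusive
NEW_ACCOUNT = timedelta(days=90)    # account age when the credit arrives
FAST_EXIT = timedelta(hours=48)     # window in which the money leaves again
MIN_FORWARDED = 0.80                # share of the credit moved back out
OUTBOUND = {"cash_withdrawal", "wire_out"}

def flag_mule_accounts(opened, transactions):
    """Return {account: [(credit_amount, amount_out), ...]} for matches."""
    by_acct = {}
    for t in sorted(transactions, key=lambda t: t["ts"]):
        by_acct.setdefault(t["account"], []).append(t)
    flagged = {}
    for acct, txns in by_acct.items():
        for i, c in enumerate(txns):
            if c["type"] != "ach_credit":
                continue
            if not CREDIT_BAND[0] <= c["amount"] < CREDIT_BAND[1]:
                continue
            if c["ts"] - opened[acct] > NEW_ACCOUNT:
                continue  # long-standing account, not a fresh drop account
            out = sum(d["amount"] for d in txns[i + 1:]
                      if d["type"] in OUTBOUND
                      and d["ts"] - c["ts"] <= FAST_EXIT)
            if out >= MIN_FORWARDED * c["amount"]:
                flagged.setdefault(acct, []).append((c["amount"], out))
    return flagged

def tx(account, ts, kind, amount):
    return {"account": account, "ts": datetime.fromisoformat(ts),
            "type": kind, "amount": amount}

# Constructed sample data: account open dates and a small ledger.
OPENED = {"A-100": datetime(2010, 4, 1), "B-200": datetime(2007, 1, 15),
          "C-300": datetime(2010, 4, 5)}
LEDGER = [
    tx("A-100", "2010-04-12T10:00", "ach_credit", 9850.00),      # new account
    tx("A-100", "2010-04-12T15:30", "cash_withdrawal", 4000.00),
    tx("A-100", "2010-04-13T09:10", "wire_out", 4850.00),
    tx("B-200", "2010-04-12T10:00", "ach_credit", 9500.00),      # old account
    tx("B-200", "2010-04-12T16:00", "cash_withdrawal", 9000.00),
    tx("C-300", "2010-04-12T10:00", "ach_credit", 9900.00),      # money stays
    tx("C-300", "2010-04-13T10:00", "cash_withdrawal", 200.00),
]

if __name__ == "__main__":
    print(flag_mule_accounts(OPENED, LEDGER))
```

Only A-100 is flagged: B-200 is a long-standing account and C-300 keeps the money, so neither matches the receive-and-forward pattern.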
One example is Ilya Karasev, a 22-year-old Russian who has been charged with conspiracy to commit bank fraud, plus two other charges. The conspiracy charge alone carries a maximum penalty of 30 years in prison.
Court documents describe Karasev as a mule who first entered the country on a J-1 visa in May 2008 and then converted his status to an F-1 student visa in December that year.
Karasev's misdeeds are alleged to have begun in April this year, when he opened a fraudulent bank account at TD Bank in New York using a fake Belgian passport issued under the fictitious name Fransoise Lewenstadd.