Busted! Massive Cyber Crime Ring Taken Down

by Dave on October 3, 2010

A massive global cyber crime bust went down this week. The target was a sophisticated Internet crime gang that specialized in stealing money from small businesses, local governments, school districts, churches and non-profits. Authorities believe this crime ring stole at least $70 million in one of the largest cyber crime investigations yet seen.

After a year-long investigation, this organization was systematically dismantled in an extraordinary cooperative effort by the law enforcement agencies of 4 countries. The results: 90 people were arrested in the U.S., 19 in the U.K., and 5 in the Ukraine. Those arrested in the Ukraine are believed to be the masterminds behind the organization.

The crime spree began by sending e-mails specifically to finance personnel. The e-mail contained malware – a customized version of the ZeuS Trojan. The U.S. complaint, unsealed Thursday Sept 30th in Manhattan federal court, explains further:

“Once the email was opened, the malware embedded itself in the victims’ computer, and recorded their keystrokes – including their account numbers, passwords, and other vital security codes – as they logged into their bank accounts online.

The hackers responsible for the malware then used the stolen account information to take over the victims’ bank accounts, and made unauthorized transfers of thousands of dollars at a time to receiving accounts controlled by the co-conspirators.

These receiving accounts were set up by a money mule organization responsible for retrieving the proceeds of the malware attacks and transporting or transferring the stolen money overseas. To carry out the scheme, the money mule organization recruited individuals who had entered the United States on student visas, providing them with fake foreign passports, and instructing them to open false-name accounts at U.S. banks.

Once these false-name accounts were successfully opened and received the stolen funds from the accounts compromised by the malware attacks, the “mules” were instructed to transfer the proceeds to other accounts, most of which were overseas, or to withdraw the proceeds and transport them overseas as smuggled bulk cash.”

Those arrested illustrate the size and sophistication of the gang. Those in the Ukraine were the programmers. They initiated the process by setting up the system, customizing the ZeuS malware and then sending the e-mails containing the malware. Those in the U.K. and the U.S. were “money mules,” who opened false bank accounts and moved the money for a small commission. In addition, there were mule recruiters and managers, and forgers who provided all the false IDs needed.

The level of cooperation between law enforcement agencies working on this case is unprecedented. Differences in laws, time zones and culture were overcome to crack the case and make the arrests.

The investigation is ongoing. I’m sure more details will be released as time goes on. The following articles, however, provide a wealth of information about the structure and function of these gangs.

Krebs article 9-29-10

Krebs article #1 9-30-10

Krebs article #2 9-30-10

Acohido article 9-30-10

FBI announcement 10-1-10

Krebs article 10-2-10
