Global Cyber Crimes Start with Zeus and Trojans

Sounds like something straight out of Greek mythology doesn’t it?  More than 100 people from the United States and the United Kingdom have been arrested or charged in connection with alleged global cyber-crimes estimated to be in the millions.    According to Mr. Bharara, Manhattan U.S. attorney, “The modern high-tech bank heist, does not require a gun.  It requires only the Internet and ingenuity.”

Just about everyone these days has the Internet, so who has the ingenuity?

Eighty people have been arrested in the U.S. and twenty people were arrested in London including both men and women from Georgia, Ukraine, Latvia, Estonia, and Belarus.

At least $3 million was stolen from accounts in the U.S. and total estimates of money stolen have been reported as high a $70 million.

How did the global cyber-crime go down?

The global cyber-scam was multilayered.  Computer hackers used malware known as Zeus Trojan, which arrives in a seemingly innocent email.  If email recipients click on a link, the virus monitors the attacked computer and reports user names and passwords, all of the important personal information people use to do business and shop online.

Zeus, a software program that antivirus experts believe was developed by either an individual or a group from Russia, isn’t new.  Security groups have been aware of Zeus malware for several years but say recently the code has become more sophisticated.

Instead of just stealing information, the latest version of Zeus appears to be able to “piggyback” legitimate account uses and funnel money directly to the “mule’s” account.

“Mules” were trained to open fake accounts using fake identities and then to either transfer the stolen money back to masterminds in Europe or to cash out the accounts and accompany the money to Europe.

So what does a “mule” make these days?

The paper trails show that typically money was withdrawn in rounds of $10,000 with mules earning 8% to 10%.

How were “mules’ recruited?

According to Cyrus Vance Jr., Manhattan District Attorney, mules were recruited through social networking sites and Russian Language newspapers.

This scam defrauded a combination of banks, corporations and individuals.

J.P. Morgan Chase, Ally Financial Inc. and PNC Financial Inc. have been named as victims in the scam while TD Bank Financial Group and Bank of America have been named as banks used to funnel money.

What are the charges in the latest global cyber-crime?

There are multiple charges including;

-Conspiracy to commit bank fraud and wire fraud

-Possession of false identification documents

-False use of passports

-Grand larceny

-Money laundering

-Identity theft

Officials say the significance in this case is the high-level of cooperation that has lead to the arrest and the prevention of further thefts.  The investigations in the United States began in May of 2009.

According to Weysan Dun, special agent in charge in the Omaha office, “There are many challenges in a complicated global case like this one.  With multiple countries involved, there are differences in times zones, geography, and culture, not to mention that all our cyber laws are not the same. But those differences were overcome,” Dun said, “and the results speak for themselves.”

Are you still opening emails from unknown senders?  Do you ever click on seemingly benign links?  How concerned are you about identify theft and online fraud?