Zeus has been around for quite some time, we reported it about it initially back in 2009 when it was noted Zeus could evade anti-virus software.
In more recent months it was noted that Zeus has become more focused and variations of Zeus were found to be targeting banks and financial organisations in specific geographic regions.
The latest news is both in the UK and US charges and arrests have been carried out on people involved in the Zeus ring that has been stealing money. Some reports claim the ring has stolen up to 200 Million USD since 2006, quite a substantial amount. In the UK alone they have netted £6m in the past 3 months and were all caught in the Essex region.
U.S. authorities have charged more than 60 people in connection with the money-stealing Zeus Trojan program, according to the U.S. Department of Justice. The arrests follow a Tuesday U.K. sweep that led to 11 charges against Eastern European citizens thought to be involved in moving stolen funds out of the country.
Zeus has been a major problem for computer users and financial institutions over the past few years. Once installed on the victim’s PC, the malware can be used to log into a victim’s bank account and transfer funds to another account controlled by the criminals. The malicious software is sold in black market forums and there are more than a dozen Zeus gangs in operation worldwide. Security experts say that the gangs have netted more than US$200 million since Zeus was discovered in 2006.
The U.S. arrests involve so-called money mules, people who are paid to set up accounts that receive stolen funds and then move the money out of the country, typically via a wire service such as Western Union. The DOJ has scheduled a press conference in Manhattan on Thursday afternoon to further discuss the arrests.
All the individuals involved seem to be Eastern European/Russian, this is true for both the US and UK arrests – Police charge 11 over Zeus cybercrime scam in UK.
You can see a list of the people still wanted by the FBI here – Wanted by the FBI for Federal Cybercrime Charges.
It’s good to see this kind of fraud being taken seriously as it is damaging to the economy, the banks and the consumers themselves. Even if protected by insurance it’s a long winded and time intensive process to claim back and money lost to fraud.
According to documents seen by IDG News Service, prosecutors have filed a total of 26 complaints. Investigators from the agencies including the U.S. Federal Bureau of Investigation and State Department special agents describe in the complaints an elaborate network used to launder funds stolen by the Zeus malware.
One of the complaints describes in-depth the use of money “mules” in order to facilitate the transfer of funds into criminal accounts. Mules agree to allow funds to be transferred out of victims’ accounts into their own accounts. Those funds are typically quickly withdrawn and wired elsewhere before banks detect the fraud.
But that was a risky job, involving withdrawing cash from the banks either in person or visiting cash machines, both of which would be under video surveillance.
“The mule organization typically recruited mules from Eastern Europe who were either planning to travel to or were already present in the United States on J1 visas,” according to the complaint lodged against three individuals: Artem Semenov, Almira Rakhmatulina and Julia Shpirko.
The J1 visa is a non-immigrant visa granted to people such as students. When those mules arrived in the U.S., they were given fake foreign passports in order to open more bank accounts. Stolen funds were transferred to those accounts in amounts close to $10,000, according to the complaint.
Most of them seem to be operating in the same way, entering the US under student visas then opening bank accounts with fake passports, laundering the money in small amounts so as not to trigger banking alerts (less than $10,000) then keeping a small cut and sending most of the money off to some larger organisation.
More from The Register here – Feds accuse 37 of being Zeus ‘money mules’
I’m guessing there will be a lot of news about this and more details will be exposed in the following weeks.
Source: Network World