28 November 2014

The Joy of Fraud Fighting

Uri Rivner - BioCatch

77 | posts 318,199 | views 35 | comments

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

Operation Trident

04 October 2010  |  6080 views  |  0

The bloodhounds are continuing to register notable victories over online crime rings. This time there were a massive series of arrests done in US, UK and other countries in relation to fraudsters spreading or cashing out on a major Zeus Trojan operation, which has been pestering US businesses for the past 18 months.

In a clever multi-national investigation called Trident Breach, over 150 charges or arrests were made across the US, UK and East Europe. Check out this cool chart that explains the scale of the Cybercrime operation and the geographic location of its members.

The first announcement came from the UK, where the Metropolitan Police Central eCrime Unit said it had arrested 19 people who have spread the Zeus Trojan to pray on victims. The total proceeds from their operation is 6 million pounds.

Then US law enforcement authorities then announced the FBI put behind bars 37 fraudsters who were charged with knowingly serving as mules accounts for stolen Zeus credentials. These collaborators, entering to the US under student visas, were responsible for receiving money transfers from victims and then wiring the money into the hands of the cash-out masterminds.

A few days later, the full scale of the operation became apparent with 5 more arrests done in Ukraine, this time of the Cybercriminals who were responsible for setting up the Zeus botnet and controlling the operation.  In total the group cleaned $70m, mostly from business accounts.

As of October 2010, Zeus remains the predominant Trojan: RSA still sees the vast majority of stolen credentials coming from Zeus botnets. There are hundreds of Zeus servers running right now, each of them operated by a single fraudster or a small group of criminals, each of them monitoring thousands of victims 24/7. Millions of hijacked PCs run Zeus.

Zeus has all the signs of a healthy business. Beyond the fact its developer released a major version early 2010, it has a lively community of add-ons, localized versions, templates and scripts that can be used on the main Zeus platform. An example: a Zeus add-on script that empties your account in 10 seconds, then shows a false account balance whenever you log into online banking. Only if you look at a printed statement you’ll see your account is empty.

Zeus does have competition, though. SpyEye is a new incumbent that certain fraudsters prefer over Zeus; in certain locales it has about half of Zeus market share. Gozi started to rent its botnet to other uses; and there are always new Trojans developed.    

The recent arrests add up to the all the good work the FBI, Scotland Yard, and law enforcement agencies in US, UK and Europe have been doing recently.

Well done, lads!

Operation Trident: aftermath TagsOnline bankingPayments

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Latest posts from Uri

Brazil vs. Germany: A Surprising Find

12 July 2014  |  2332 views  |  1  |  Recommends 0 TagsSecurityMobile & onlineGroupInnovation in Financial Services

Sweetheart Scams: When Fraudsters Turn to Romance

30 June 2014  |  1811 views  |  0  |  Recommends 0 TagsSecurityMobile & onlineGroupInnovation in Financial Services

BitCoin Explained: How to Become a BitCoin Thief - part 1

04 December 2013  |  17675 views  |  1  |  Recommends 1 TagsMobile & onlinePaymentsGroupInformation Security

A Message from Hell

01 October 2013  |  2880 views  |  0  |  Recommends 0 TagsSecurityMobile & onlineGroupInnovation in Financial Services

The Dark Side of Security

11 September 2013  |  2145 views  |  0  |  Recommends 0 TagsSecurityMobile & onlineGroupInnovation in Financial Services
name

Uri Rivner

job title

Head of Cyber Strategy

company name

BioCatch

member since

2008

location

Tel Aviv

Summary profile See full profile »
Internet. The perfect fraud frontier. These are the thoughts of Uri Rivner, head of Cyber Strateg...

Uri's expertise

What Uri reads
Uri writes about

Who is commenting on Uri's posts

Ketharaman Swaminathan
Brett King