US charges dozens over Zeus scam
01 October 2010 | 9948 views | 1
US authorities have charged over 70 people accused of using the infamous Zeus Trojan to steal more than $3 million dollars from online bank accounts.
Federal prosecutors have laid charges against 37 defendants, while Manhattan District Attorney prosecutors have charged 36, on top of 19 previously arrested.
The US crackdown comes days after police in London arrested 19 people in connection with the Zeus-aided theft of millions of pounds. Of these, 11 - all from Eastern Europe - have been charged.
According to the US federal complaints, the cyber-attacks began in Eastern Europe, with the crooks using malware, including Zeus, to siphon off millions of dollars from accounts.
The malware was typically sent as an apparently-benign e-mail to computers at small businesses and municipalities. Once opened, the malware embedded itself in the victims' computers, and recorded their keystrokes-including their account numbers and passwords, as they logged into their bank accounts online.
The information was then used to take over the victims' accounts, enabling the gang to make unauthorised transfers of thousands of dollars at a time to mule accounts controlled by the co-conspirators.
The money mule organisation recruited people who had entered the US on student visas, providing them with fake foreign passports, and instructing them to open false-name accounts at banks. Once money was in these accounts, the mules were instructed to transfer the proceeds to others, most of which were overseas, or to withdraw the proceeds and transport them abroad as smuggled bulk cash.
The defendants charged in Manhattan federal court include managers of and recruiters for the money mule organisation, an individual who obtained the false foreign passports, and mules themselves.
Federal prosecutors allege the 37 charged stole over $3 million in 21 separate cases. The Manhattan indictments against the other 36 accuses the defendants of stealing more than $860,000 from 34 separate corporate and individual victims and sending them to mule accounts at JPMorgan Chase and other banks.
Manhattan US Attorney Preet Bharara says: "The digital age brings with it many benefits, but also many challenges for law enforcement and our financial institutions. As today's arrests show, the modern, high-tech bank heist does not require a gun, a mask, a note, or a getaway car. It requires only the Internet and ingenuity. And it can be accomplished in the blink of an eye, with just a click of the mouse."