European cyber-crime agencies have busted a criminal gang responsible for infecting tens of thousands of computers with banking Trojans and stealing up to EUR2 million from user accounts.
A joint investigation team (JIT) consisting of investigators from six different European countries arrested five suspects in four different cities on suspicion of developing, exploiting and distributing Zeus and SpyEye malware, as well as channelling and cashing-out the proceeds of their crimes.
The cybercriminals are accused of using malware to attack online banking systems in Europe and beyond, adapting their attackss over time to defeat the security measures implemented by banks. On the digital underground forums, they actively traded stolen credentials, compromised bank account information and malware, while selling their hacking ‘services’ and looking for new cooperation partners in other cybercriminal activities.
"This was a very active criminal group that worked in countries across all continents, infecting tens of thousands of users’ computers with banking Trojans, and subsequently targeted many major banks," says Europol. "The damage produced by the group is estimated to be at least EUR2 million."
The roundup was part of a wider investigation that was launched in 2013 by the JIT members (Austria, Belgium, Finland, the Netherlands, Norway and the United Kingdom), and aided by Europol and Eurojust. The latest bust brings the total number of arrests in this operation to 60, including 34 who were captured as part of a ‘money mule’ sting run by Dutch law enforcement authorities.