British police have jailed 13 people who took part in an operation to infect victims' computers with malware and transfer funds out of their bank accounts.
British police have jailed
13 people suspected of being part of a sophisticated banking fraud cyber-gang
that used malware to steal millions of dollars from hundreds of people.
The cyber-crime ring is
accused of using Trojans to infect PCs and stealing sensitive information,
including bank account numbers and log-in credentials, the Metropolitan
Police Central eCrime Unit said Nov. 1. The criminals allegedly used the
stolen information to access victims' bank accounts and transfer money to
accounts under their control to the tune of at least 2.9 million British pounds,
or about $4.6 million.
code-named Operation Lath, involved various British law enforcement
authorities, the U.S. Federal Bureau of Investigation and the U.S. Department
of Justice. British police had originally arrested 20 people at various
locations in London and southeast England suspected of having ties to the
cyber-gang. Investigators from Her Majesty's Revenue and Customs, Britain's tax
authority, made additional arrests. Of the people arrested, 13 were jailed Oct.
"These defendants were
part of an organized network of computer criminals operating a state-of-the art
international online banking fraud, through which they stole many millions of
pounds from individuals and businesses in the U.K. and United States,"
said Colin Wetherill, a detective inspector with the Metropolitan Police
Central eCrime unit.
During house searches,
police recovered computers, mobile phones, banking documents and false
passports. While the total amount stolen is not yet known, authorities
estimated that the 13 people in jail were responsible for stealing at least 2.9
million British pounds between September 2009 and March 2010.
They'd attempted to steal
4.3 million pounds, or $6.9 million, the police said.
The gang was led by two Ukranians,
Yevhen Kulibaba and Yuriy Konovalenko, according to the police. Both men pled
guilty to "conspiracy to defraud" and were sentenced to serve four
years and eight months in prison. They began serving those terms Oct. 31,
Kulibaba was responsible for
obtaining and allocating accounts to be attacked, organizing the United
Kingdom-based conspirators to set up and maintain recipient accounts and later
remove funds, according to the police. Konovalenko was Kulibaba's "right-hand
man" and was based in Britain. Konovalenko managed the accounts that
received stolen funds and the money mules hired to transfer money.
The police did not provide
any information on how the malware was spread to infect victims' computers. It
is not clear at this time if this cyber-gang used Zeus, one of the most
sophisticated and popular banking Trojans in circulation, or different
Zeus became widespread in
early 2009 and has since infected millions of computers around the world and
been used to steal tens of millions of dollars from victims' bank accounts. A
little over a year ago, international law enforcement authorities arrested
several people accused of using Zeus to loot bank accounts. Scotland
Yard arrested 19 people accused of stealing $9.5 million from banks, the
37 individuals of stealing $3 million and Ukranian police arrested five
people accused of stealing
more than $70 million.
While Zeus attacks have
declined in recent months, it appears that the Trojan had changed its attack
vector to exploit the auto-run feature in unpatched Windows systems and was
making a comeback, according to a post on Microsoft's
Threat Research and Response blog.