Police say the cyber-crime ring swiped the money during a three-month period using the notorious Zeus Trojan.
Scotland Yard has arrested 19 people in connection with a
cyber-crime ring accused of stealing millions from bank accounts in
Officers from the MPS (Metropolitan Police Services) Police Central
e-Crime Unit arrested 15 men and four women in predawn raids Sept. 28
in London. They group is believed to be behind the theft of approximately ???6 million
million) from banks in the U.K. during a three-month period.
Authorities believe that figure is likely to increase as the
The group used a variant of the Zeus Trojan to swipe user banking credentials, police said. Zeus is one of the most popular banking Trojans
the cyber-underground and has been linked to numerous similar
operations. With user credentials in tow, the crew allegedly
transferred funds via mules to get their hands on the money.
Recently, security researchers observed Zeus purveyors targeting mobile phones
an attempt to circumvent the two-factor authentication used by banks to
verify user identity. In that case, after obtaining a user's online
banking credentials, attackers would attempt to trick the victim into
giving up their phone number so they could send them an application to
covertly monitor their SMS messages. That way, when their online bank
sends them a transaction authentication number via SMS to verify their
identity before approving a transaction, the attacker can intercept it.
"Zbot (also known as Zeus) is a significant malware family--the many
different variants of the Trojan in existence have been distributed by
hackers in a variety of different disguises," blogged Graham Clulely,
senior technology consultant at Sophos. "Arrests like the ones in
London don't mean the end of Zbot--it continues to be available for
sale to other criminals via underground Websites--but it's still good
news for everyone interested in making the Internet a safer place."
Detective Chief Inspector Terry Wilson of the PCeU advised online
banking customers to make sure their systems are up-to-date and secure,
and to be on the lookout for any unusual or additional security
features requested that seem to be out of step with their normal log-on
"We believe we have disrupted a highly organised criminal network,
which has used sophisticated methods to siphon large amounts of cash
from many innocent peoples' accounts, causing immense personal anxiety
and significant financial harm--which of course banks have had to repay
at considerable cost to the economy," Wilson said in a statement.