The FBI announced that they
have charged 37 members of an Eastern Europe cybercrime ring with Federal and
State crimes, as they used Zeus Trojan to pilfer over $3 million from
unsuspecting users bank accounts. This
action by FBI follows a year of investigative work by the agency, the U.S.
Attorney’s office, the NYPD and the U.S. Secret Service. The Zeus Trojan was delivered as a hidden
component of what appeared to the user as a benign email attachment. The malware was then activated in the user’s
computer with a single click. The
clever Trojan malware then was able to track keystrokes making it possible for
the cybercriminals to access online bank accounts and quietly transfer funds to
co-conspirator accounts. "This
advanced cybercrime ring is a disturbing example of organized crime in the 21st
Century -- high-tech and widespread," New York District Attorney Cyrus
Vance wrote in a statement.
The cybercriminal ring actively recruited accomplices
that entered the U.S. with student visas and with counterfeit passports to set
up dummy bank accounts. Eventually the
money was smuggled back to Eastern Europe.
The scam was first discovered in 2009 when the NYPD followed up on a
suspicious $44000 bank withdrawal in the Bronx that eventually led to a
multi-agency domestic and international investigation. "The
Zeus Trojan allegedly allowed the hackers, from thousands of miles away, to get
their hands on other peoples' money," FBI Assistant Director Janice
Fedarcyk stated. "But their scheme didn't eliminate risk." The 37 defendants were charged with money
laundering, bank fraud, falsification of passports and conspiracy to commit
fraud by the U.S. Attorney’s office. If
the defendants are convicted, they are looking at sentences of 10 to 30 years
of imprisonment and fines of up to $1,000,000 per count.