I was pleasantly surprised to hear about the arrests yesterday in the UK, and the indictments today in the U.S. for 19 and 34 individuals (probably the money mules – not the masterminds) respectively participating in Zeus-based trojan attacks against bank customer accounts. The UK perpetrators (15 men and 4 women) allegedly stole at least 6 million pounds. The 34 foreign exchange students in the U.S., from Russia, Ukraine, Kazakhstan and Belarus, allegedly stole $868,000. A previous U.S. arrest of 19 individuals (not sure what the correlation here is between the 19 in the U.S. and 19 in the UK) allegedly got away with another $100,000.
These are the first arrests I know of directly related to Zeus attacks on bank accounts, although there probably have been others – just not this big.
This is a great start. Of course, I have to ask, is this just the tip of the iceberg? If the New York District Attorney’s office was only able to nab crooks that stole about $1 million from U.S. bank account holders, what happened to the other (at least) $199 million that the FBI publicly said has been stolen with this specific genre of attack?
In any event, let’s hope this puts a noticeable dent in the Zeus-related criminal networks that are wreaking havoc with online banking around the world. It does prove that law enforcement is becoming more technically savvy and has the know-how to track down the cybercrooks – whether they do it on their own or with the help of security firms.
But given that anyone can buy a Zeus kit for a couple of thousand dollars or less and use it to steal money from bank account holders who bank online – it’s way too premature to relax and claim victory.
Category: Uncategorized Tags: