The Manhattan district attorney on Thursday announced charges against 36 people in connection with the operation of the Zeus malware campaign. It’s the second major bust of suspects in the Zeus investigation this week, following the arrest of 20 people in the U.K. on Tuesday. The U.S. Attorney in New York also announced charges against 34 other people in connection with the same operation.
Cyrus Vance, the district attorney for Manhattan, said that the people charged were allegedly responsible for stealing roughly $860,000 from 34 accounts belonging to consumers, as well as corporations.
“This
advanced cybercrime scheme is a disturbing example of organized crime in the 21st century – high tech and widespread,” said Vance. “These criminals stole from ordinary citizens and businesses
using a keyboard—not a gun. The masterminds
used social networking sites and other methods to recruit students into their
criminal enterprise. The far-reaching results of this investigation to
date represent successful cooperation among city, state, federal and foreign
law enforcement officials, who worked together for a common goal—to identify and prosecute individuals
who commit fraud against New Yorkers and the rest of the nation.”
The arrests and charges in New York allegedly involve a number of people who were working as money mules in the Zeus operation. Money mules serve as go-betweens for the attackers, receiving bank transfers, taking a small commission on each one and then moving the money out to another account. In some cases, there will be two or three layers of these cut-outs between the accounts from which the money was stolen and the attackers themselves. The money mules often are recruited through work-at-home scam ads.
Vance said that all of the people indicted Thursday are citizens of various Eastern European nations, including Belarus, Kazakhstan and Ukraine. They defendants are being charged with identity theft and some also are facing charges of grand larceny.
Zeus has been one of the more prevalent threats for the last couple of years, comprising a botnet as well as an untold number of compromised legitimate Web sites and infected servers. The Zeus toolkit enables attackers to steal online banking credentials and other sensitive data, which are then used to drain money from victims’ bank accounts. It’s sold as a complete crimeware package and, although the Zeus botnet often is referred to as a singular thing, it is actually made up of a number of smaller pieces operated by various groups, researchers say.
The arrests in the U.K. on Tuesday targeted a group running a Zeus operation that local authorities said was targeting several U.K. banks and may have netted close to $10 million in stolen funds for the crew. The arrests and charges announced Thursday in New York apparently are connected to the investigation in the U.K., as well.
“We believe we have disrupted a highly organised criminal network,
which has used sophisticated methods to siphon large amounts of cash
from many innocent peoples’ accounts, causing immense personal anxiety
and significant financial harm,” Detective Chief Inspector Terry Wilson of the Police Central e-Crime Unit said in a statement.
The U.S. Attorney in Manhattan, Preet Bharara, also announced indictments against 34 people on Thursday.
“The electronic age brings with it many benefits, but also many
challenges for law enforcement and our financial institutions. As today’s
arrests show, the modern, high-tech bank heist does not require a gun, a mask,
a note, or a getaway car. It requires only the Internet and
ingenuity. And it can be accomplished in the blink of an eye, with just a
click of the mouse,” he said. “But today’s coordinated operation demonstrates that
these 21st century bank robbers are not completely anonymous, and
are not invulnerable. Working with our colleagues here and abroad, we
will continue to attack this threat at every level, and bring cyber criminals
to swift and certain justice.”