The cyber thieves were smart. Instead of targeting corporations and large banks that had state-of-the-art online security, they went after the accounts of medium-sized companies, towns, and even churches. Before they were caught, members of the theft ring managed to steal $70 million.
Today, with our law enforcement partners in the United States, the United Kingdom, Ukraine, and the Netherlands, we announce the execution of numerous arrests and search warrants in multiple countries in one of the largest cyber criminal cases we have ever investigated.
“This was a major theft ring,” said Gordon Snow, assistant director of the FBI’s Cyber Division. “Global criminal activity on this scale is a threat to our financial infrastructure, and it can only be effectively countered through the kind of international cooperation we have seen in this case.”
Using a Trojan horse virus known as Zeus, hackers in Eastern Europe infected computers around the world. The virus was carried in an e-mail, and when targeted individuals at businesses and municipalities opened the e-mail, the malicious software installed itself on the victimized computer, secretly capturing passwords, account numbers, and other data used to log into online banking accounts.
The hackers used this information to take over the victims’ bank accounts and make unauthorized transfers of thousands of dollars at a time, often routing the funds to other accounts controlled by a network of “money mules.” Many of the U.S. money mules were recruited from overseas. They created bank accounts using fake documents and phony names. Once the money was in their accounts, the mules could either wire it back to their bosses in Eastern Europe, or turn it into cash and smuggle it out of the country. For their work, they were paid a commission.
Yesterday, our New York office arrested 10 subjects related to the case, and we are seeking 17 others. Those arrested are charged with using hundreds of false-name bank accounts to receive more than $3 million from victimized accounts.
In all, the global theft ring attempted to steal some $220 million, and was actively involved in using Zeus to infect more computers. But beyond the actual and potential monetary loss, this case is significant because of the extraordinary level of cooperation among international law enforcement to stop the group. And it also sends a message to hackers around the world that there are fewer safe havens from which they can operate.
“There are many challenges in a complicated global case like this one,” said Weysan Dun, special agent in charge of our Omaha office, where the investigation began in May 2009 when agents discovered a pattern of suspicious banking transactions. “With multiple countries involved, there are differences in times zones, geography, and culture, not to mention that all our cyber laws are not the same. “But those differences were overcome,” Dun said, “and the results speak for themselves.”
He added, “The international tolerance for this kind of criminal activity is decreasing. Our partners overseas are dealing more aggressively and effectively with cybercrime than ever before. The number of nations that collaborated and worked in partnership with the Bureau on this case represents a very significant step forward in the way we investigate these cases.”