World’s Largest Cybercrime? Zeus and Mules, What Will They Think of Next?

Over 100 arrests and charges have been filed in both the U.S. and United Kingdom in what has been heralded as the largest cyber-crime to date. At least 80 people from the U.S. have been named and many people charged in the case are believed to have fled the United States. Twenty arrests were made in London. The estimates of the cyber thefts have been as high as 70 million dollars with 3 million dollars thus far identified as being stolen from U.S. bank accounts.

According to Gordon Snow, assistant director of the FBI’s Cyber Division. “This was a major theft ring. Global criminal activity on this scale is a threat to our financial infrastructure, and it can only be effectively countered through the kind of international cooperation we have seen in this case.”

The theft ring included both computer hackers and mules used to move the money once it was diverted into accounts set up under false identities. The alleged scammers are from the U.S. Georgia, Ukraine, Estonia, Belarus and Latvia.

Another Trojan Pulls a Ruse:

This time it wasn’t a Trojan horse but rather “Zeus Trojan,” a computer software program that attacks using the Internet.

Zeus isn’t a new Trojan but it has clearly been updated. According to Mikko Hypponen, chief research officer for F-Secure Corp., it is believed that either an individual or group operating in Russia developed Zeus. There are claims that Zeus has been used to access government log-ins as well.

In the years past Zeus was used to simply retrieve usernames and passwords for hackers to use to steal identities and money. Today’s more sophisticated version of Zeus can actually “piggybank” and send money directly from a victim’s account to the accounts set up for fraud, avoiding the password security features set up by financial institutions.

Once the money has been stolen, “mules” are used to transfer the money to U.K. masterminds. Mules were reportedly solicited through Russian language newspapers as well as social networking sites. Mules moved money one of two ways. They either wire transferred money or else withdrew cash and physically transported it. Mules are said to have received an 8 to 10% commission for their troubles.

The investigation of these cyber-crimes began in May 2009. In July security firm M86 Security in California says that they found computers of customers of one bank in the U.K. infected with Zeus. Investigations showed that 1 million dollars had been stolen and personal information date of birth and account numbers for 3,000 customers had been retrieved.

Which banks have been named in the Global Cyber-Crime?

Some banks were stolen from while others were used for falsified accounts to move money.

Ally Financial Inc., J.P. Morgan Chase, TD Bank Financial and Bank of America have all been named in relation to the global cyber-crime.

How can consumers protect themselves?

First of all it is important to know how this Zeus Trojan attacked the computers. Seemingly benign emails were sent and once victim’s clicked on infected links or opened infected attachments, Zeus went to work. The best way to protect your home or office computer and your finances is to never open emails from unknowns and never pursue links or attachments from unknown or even potentially copycat sources.