October 1, 2010

Dozens Charged In Zeus Cybercrime Ring

US federal prosecutors charged more than 60 people in an eastern European-based cybercrime ring for using computer viruses to infiltrate US bank accounts and steal more than $3 million, authorities said Thursday.

Federal prosecutors in New York said the defendants were "involved in a global cybercrime scheme that used the Zeus Trojan" and other viruses to snatch millions from American bank accounts.

The suspects were charged with crimes including everything from bank fraud to identity theft in a scam that allegedly moved money to hundreds of accounts set up by accomplices.

The charges followed the arrest of 19 people in Britain on computer crimes charges on Tuesday. The suspects were part of a "sweeping and coordinated effort to combat the 21st century's variation on traditional bank robbery," said US Attorney Preet Bharara in New York.

"The mouse and the keyboard can be far more effective than the gun and the mask," Bharara said at a news conference, comparing cyber sleuths to classic bank robbers.

"As today's arrests show, the modern, high-tech bank heist does not require a gun, a mask, a note, or a getaway car. It requires only the Internet and ingenuity. And it can be accomplished in the blink of an eye, with just a click of the mouse -- at a distance of thousands of miles," he said.

The alleged crime ring had hackers in eastern Europe using malicious computer programs to obtain access to bank accounts of "small and mid-sized businesses and municipal entities in the United States," according to the criminal complaints.

The Zeus virus infects computers when users click on a link or attachment in a seemingly legitimate email. Once the virus is installed, it "allows computer hackers to secretly monitor the victim's computer activity, recording, among other things, the victim's bank account numbers, passwords, and authentication information," the complaints said.

The cyber criminals also recruited "money mules" to open bank accounts in the United States, often with fake passports, but sometimes under their own names"¦ "to receive fraudulent wire transfers from victim accounts," the complaints said.

The "money mules" were students visiting the United States from Belarus, Kazakhstan, Russia and Ukraine, Manhattan District Attorney Cyrus Vance said.

These mules opened bank accounts, received money stolen by hackers and made quick withdrawals "before the fraud could be detected by the victims or the banks," the complaints said.

Mules usually kept about 10 percent of the transfer as a payment for their illegal work, and then transferred the rest to the crime network.

One suspected mule, Russian Yulia Klepikova, who had several aliases, opened a string of US accounts using fake passports from other countries, prosecutors allege.

She allegedly withdrew tens of thousands of dollars in money that had been transferred to these accounts from the hackers' victims.

Prosecutors said that the victims include five banks and dozens of individual and business account holders.

"This advanced cybercrime scheme is a disturbing example of organized crime in the 21st century -- high tech and widespread," Vance said.