ZeuS trojan bank-theft scheme extends to the U.S.

More than 60 people will be charged in the U.S. with using the Zeus trojan to steal millions of dollars from U.S. banks as part of a scheme that resulted in similar charges in the U.K. earlier this week.

Security quiz: How well do you know the insider threat?

The U.S. Attorney and Manhattan District attorney are expected to announce the charges today at 1 p.m., according to a Wall Street Journal story.

Some of those charged have already been arrested, and some live outside the U.S., the story says.

On Tuesday, police in London arrested 19 people in connection with thefts that totaled more than $9.4 million over a three month period.

They allegedly used features of the ZeuS trojan to break into customer accounts and steal funds by transferring it to other accounts held by accomplices who then delivered it to the masterminds via untraceable means like Western Union, says Mickey Boodaei, CEO of browser security vendor Trusteer.

Those involved were apparently careless with their own security, leaving cracks where investigators could peer inside the operation and track who was involved, he says.

In some cases Trusteer has managed to find the command and control servers used to run the operation, the company claims. Once investigators track down the command and control servers, they can follow transactions to the server and so trace the criminals, Boodaei says.

Similarly, investigators can trace the accounts set up by the money mules – the people whose accounts receive the stolen funds then transfer them to the criminals. Once they are found, investigators can trace how they were recruited and perhaps by whom, he says.

Read more about wide area network in Network World's Wide Area Network section.

Join the newsletter!

Error: Please check your email address.

Tags securitycybercrimelegalanti-malwareZeus botnetTrusteer

More about LANManhattanWall StreetWestern Union

Show Comments
[]