EnterpriseFinancial MarketsProjectsSecurityWorkspace

Zeus Gang Blags £6m From UK Bank Accounts

0 0 4 Comments

The Zeus Trojan is rapidly becoming public enemy number one as London police arrest online banking hackers

The Police Central e-crime Unit (PCeU) has arrested 19 people suspected of using the Zeus Trojan to launder money and steal £6 million from online bank customers over the last three months.

The group comprised 15 men and four women, with ages ranging from 23 to 47, located in various parts of London. The arrests resulted from cooperation between police officers, computer experts and banking representatives working together as a “virtual task force”. The team tracked the fraudsters for three months but the gang may have been in operation longer.

Thousands Of Computers Exposed

Detective chief inspector Terry Wilson of the PCeU, a division of London’s Metropolitan Police, told the BBC that the amount stolen was a current estimate and that he expected the total to “increase considerably” as the investigation continues.

He said that the gang had harvested log-in details used by customers of various UK banks by introducing the Zeus program onto thousands of computers. This information was then used to steal money and to transfer and remove further sums into the accounts as part of a “laundering” process. Laundering is a way of using financial transactions to conceal the source and destination of illegally gained money.

The arrested group are being held at various London police stations where they have been questioned on suspicion of fraud, money laundering and offences under the Computer Misuse Act. Two of those held were also suspected of being in possession of a firearm.

“We believe we have disrupted a highly organised criminal network, which has used sophisticated methods to siphon large amounts of cash from many innocent people’s accounts, causing immense personal anxiety and significant financial harm – which of course banks have had to repay at considerable cost to the economy,” Wilson told the BBC.

  1. Ryan Rubin, head of information security and privacy at Protiviti UK comments:

    “This incident highlights the very real threat of e-crime and the direct impact on business. As the financial implications of e-crime increase, it becomes easier to justify further investment in solutions to address these threats. However, the challenge is staying ahead of the criminals. For instance, the attacks targeted consumers who are seen as a weaker link than banks, which invested heavily in information security protection.

    “Most banks offer internet and increasingly mobile services and so must ensure that they have appropriate controls to protect, detect and assist in preventing these types of attacks on their customers.’Traditional’ security such as firewalls, passwords and anti-virus software are not effective enough on their own and need to be combined with other technologies, an understanding of user behaviour and general good security business practices to thwart future threats.

    “Banks need to invest more to help consumers better understand and manage their own security and develop clear strategies to fraud detection. Likewise, there should be greater focus on behavioural monitoring, high risk transaction screening and customer verification.”

  2. Mickey Boodaei, CEO of Trusteer, the Secure Browsing Service specialist said:

    “The arrests show that some of the criminal groups behind Zeus are doing a poor job in covering their tracks. This provides an excellent opportunity for the police, the banks, and their customers to join together and get more criminals behinds bars. The police did a great job in tracing down this group and gathering information that can facilitate their arrest. This is not a simple task and I’ve heard many people saying that this is almost impossible due to the level of sophistication from criminals and the complication of the justice system. However, this case and a few others that precede it show that this can be achieved.

    “By running more operations like this and by the banks and other organizations investing effort in tracing fraudsters and not just blocking their activities, there is a good chance we can lower the volumes of attacks. Customers can take their banks’ advice and implement fraud prevention tools that provide valuable capabilities to banks in detecting and blocking these threats. By working together we can definitely stop this threat from growing.”

  3. M86 reported an attack in the UK where around £700,000 was raided from banks and more than 100,000 computers were infected via a botnet by an organised network of cyber criminals. That attack, shows that banks need to look at both authentication information and at the behavior of user sessions to detect these types of attacks. It is critical for banks and other online organizations to understand the behavior of their web sessions to detect these sophisticated types of threats.