Manhattan U.S. Attorney Charges 37 Defendants Involved in Global Bank Fraud Schemes that Used “Zeus Trojan” and Other Malware

Manhattan U.S. Attorney Charges 37 Defendants Involved in Global Bank Fraud Schemes that Used “Zeus Trojan” and Other Malware to Steal Millions of Dollars from U.S. Bank Accounts

Defendants Allegedly Compromised Dozens of Accounts and Transferred More Than $3 Million in Stolen Funds to Hundreds of Accounts Opened Under False Identities

Note: The following are significant excerpts from the U.S. Department of Justice’s September 30 press release:

Summary of how the fraud scheme worked:

“According to Complaints unsealed today in Manhattan federal court, the cyber-attacks began in Eastern Europe, and included the use of a malware known as the “Zeus Trojan,” which was typically sent as an apparently-benign e-mail to computers at small businesses and municipalities in the United States. Once the email was opened, the malware embedded itself in the victims’ computers, and recorded their keystrokes—including their account numbers, passwords, and other vital security codes—as they logged into their bank accounts online. The hackers responsible for the malware then used the stolen account information to take over the victims’ bank accounts, and made unauthorized transfers of thousands of dollars at a time to receiving accounts controlled by the co-conspirators.

These receiving accounts were set up by a “money mule organization” responsible for retrieving the proceeds of the malware attacks and transporting or transferring the stolen money overseas. To carry out the scheme, the money mule organization recruited individuals who had entered the United States on student visas, providing them with fake foreign passports, and instructing them to open false-name accounts at U.S. banks. Once these false-name accounts were successfully opened and received the stolen funds from the accounts compromised by the malware attacks, the “mules” were instructed to transfer the proceeds to other accounts, most of which were overseas, or to withdraw the proceeds and transport them overseas as smuggled bulk cash.

The defendants charged in Manhattan federal court include managers of and recruiters for the money mule organization, an individual who obtained the false foreign passports for the mules, and money mules.

As part of the coordinated takedown earlier today, federal and local law enforcement officers arrested 10 of the defendants. Another 10 were previously arrested. The defendants taken into custody in New York today are expected to be presented in Manhattan federal court later this afternoon. Seventeen defendants are still being sought here and abroad.”

The Challenge Of International Cybercrime – Current & Developing Solutions:

Manhattan U.S. Attorney PREET BHARARA said: “The digital age brings with it many benefits, but also many challenges for law enforcement and our financial institutions. As today’s arrests show, the modern, high-tech bank heist does not require a gun, a mask, a note, or a getaway car. It requires only the Internet and ingenuity. And it can be accomplished in the blink of an eye, with just a click of the mouse. But today’s coordinated operation demonstrates that these 21st century bank robbers are not completely anonymous; they are not invulnerable. Working with our colleagues here and abroad, we will continue to attack this threat, and bring cyber criminals to justice.”

District Attorney CYRUS VANCE, JR. said: “This advanced cybercrime ring is a disturbing example of organized crime in the 21st century—high tech and widespread. The 36 defendants indicted by our office stole from ordinary citizens and businesses using keyboards—not a gun. The far-reaching results of this investigation to date represent what people deserve: successful cooperation between city, state, federal, and foreign law enforcement officials, who worked together for a common goal—to identify and prosecute individuals who commit fraud against New Yorkers and the rest of the nation.”

DSS Special Agent-in-Charge CHRISTOPHER PAUL said: “The charges announced today send a strong message: Diplomatic Security is committed to collaborating with our law enforcement partners to make sure that those who commit fraud face consequences for their criminal actions. Diplomatic Security’s strong relationship with the U.S. Attorney’s Office and other law agencies around the world continues to be essential in the pursuit of justice.”

HSI Special Agent-in-Charge JAMES T. HAYES, JR., said: “Protecting our nation’s financial infrastructure is a primary mission for HSI and the El Dorado Task Force. We will continue to work with our law enforcement partners to identify and disrupt these international organizations.”

USSS Special Agent-in-Charge BRIAN G. PARR said: “As the incidence of transnational cybercrimes continues to rise, the Secret Service remains actively engaged in fighting this type of illegal activity. The results of this investigation clearly demonstrate how the Secret Service is forging strong partnerships with other law enforcement agencies, successfully combating cyberfraud, and bringing high-tech perpetrators to justice.”

Fraudulent Automated Clearing House (ACH) Transfers Connected to Malware and Work-at-Home Scams

11/3/2009 FBI Press Release:

As part of a continuing effort to identify the latest cyber crime trends and warn the public, the FBI today released the following information:

Within the last several months, the FBI has seen a significant increase in fraud involving the exploitation of valid online banking credentials belonging to small and medium businesses, municipal governments, and school districts. In a typical scenario, the targeted entity receives a “spear phishing” e-mail which either contains an infected attachment, or directs the recipient to an infected website. Once the recipient opens the attachment or visits the website, malware is installed on their computer. The malware contains a key logger which will harvest each recipient’s business or corporate bank account login information. Shortly thereafter, the perpetrator either creates another user account with the stolen login information or directly initiates funds transfers by masquerading as the legitimate user. These transfers have occurred as both traditional wire transfers and as ACH transfers.

Further reporting has shown that the transfers are directed to the bank accounts of willing or unwitting individuals within the United States. Most of these individuals have been recruited via work-at-home advertisements, or have been contacted after placing resumes on well-known job search websites. These persons are often hired to “process payments,” or “transfer funds.” They are told they will receive wire transfers into their bank accounts. Shortly after funds are received, they are directed to immediately forward most of the money overseas via wire transfer services such as Western Union and Moneygram.

Customers who use online banking services are advised to contact their financial institution to ensure they are employing all the appropriate security and fraud prevention services their institution offers.

The United States Computer Emergency Readiness Team (US-CERT) has made information on banking securely online available at: http://www.us-cert.gov/reading_room/Banking_Securely_Online07102006.pdf

Protecting your computer against malicious software is an ongoing activity and, at minimum, all computer systems need to be regularly patched, have up-to-date anti-virus software, and have a personal firewall installed. Further information is available at: http://www.us-cert.gov/nav/nt01/

If you have experienced unauthorized funds transfers from your bank accounts, or if you have been recruited via a work-at-home opportunity to receive transfers and forward money overseas, please notify the Internet Crime Complaint Center by filing a complaint at: http://www.ic3.gov.

For a detailed analysis of this scam please visit http://www.ic3.gov/media/2009/091103-1.aspx