Baltic Men Jailed For £100,000 SpyEye Operation

Three men from separate Baltic regions have been jailed in the UK following an operation that targeted British banks.

Pavel Cyganok, from Lithuania, and Ilja Zakrevski, of Estonia, received sentences of five and four years respectively, following arrests last year. Latvian Aldis Krummins was handed two years after being found guilty on 18 June of money laundering in relation to the investigation. A fourth man was found not guilty on 21 June of concealing criminal property.

Cyganok and Zakrevski were found guilty of offences under the Computer Misuse Act for using the SpyEye Trojan to steal banking data, which they stored on command and control servers across the globe. One of those servers in the UK showed that around 1000 computers had been infected and connected to the server within days of operation.

PCeU to the rescue

The men managed to acquire £100,000 using credit card data stolen by SpyEye, an investigation by the Met’s Police Central e-crime Unit (PCeU) found. They used the money to buy additional IT infrastructure and luxury goods, which were later sold on online auction sites.

The victims were not just from the UK either, with online bankers in Denmark, The Netherlands and New Zealand also hit.

“This complex international investigation concerned the construction and distribution of sophisticated banking Trojans,” said Detective Constable Bob Burls from the Met’s PCeU.

“The defendants, during the course of their enterprise, developed a highly organised IT infrastructure to enable their criminality including in some cases, the automatic infection of innocent computer users with their malicious code.”

Last month saw some significant progress from law enforcement bodies in the fight against cybercrime. In late June, the FBI announced the arrest of 24 people, including six in the UK, after an undercover operation broke up a ‘carding’ fraud network.

The teenage leader of the TeamPoison hacking team pleaded guilty to two charges last week, one of which related to the theft and publication of former Prime Minister Tony Blair’s address book in June 2011.

Are you up on IT security? Try our quiz!