In Moscow, law enforcement agencies have arrested a group of hackers who stole at least 60 million rubles (£1.3 million) in six months from various companies through the use of Trojan malware.
The group was one of the six most dangerous cybercrime units working in Russia today.
The arrests were made in a joint effort between the Russian Interior Ministry and the Russian Centre for Information Security (FSB). This morning, officers from the elite “Lynx” squad of the Interior Ministry descended from the roof to a 16th floor office flat where the ringleaders, two brothers, were living. Once the window glass was shattered, the criminals didn’t have much time to get rid of evidence.
The hackers relied on banking Trojans like Carberp and RPD-door. They hacked popular websites and added malicious code to them. That code distributed malware, giving the crooks access to PCs in a variety of organisations that used Internet banking. Connecting remotely, the cybercriminals could then steal from the banks’ clients and transfer the money to their own accounts.
According to IT security company Group IB, the total amount of misplaced money is a lot higher than figures provided by the Ministry of Interior. The Ministry is using information from the people who reported theft, whereas Group IB based their estimates on the size of the botnet and analysis of hackers’ “black” accounting. According to the company, the real number is closer to $150 million (£94.5 million) for the whole of 2011.
Finding the culprits wasn’t easy. They bounced the money between several accounts, randomly withdrawing cash from ATMs using debit cards obtained using fake personal details.
The “business” was going so well that the group began renting an office and filled it with computer equipment. To an outside observer, it looked like any other small IT company. The offices were raided today and several people were arrested on the spot. Police claim they have the whole group in custody, from the botnet administrators to the people whose sole responsibility was going around Moscow withdrawing cash.
The documents obtained in the offices suggest the hacker team committed 90 counts of serious theft. Each member now faces up to ten years in prison.