Ukrainian and Russian police arrest banking Trojan masterminds

Filed Under: Featured, Law & order, Malware

shutterstock_UkrainePoliceCap170Kommersant, a Ukrainian news site, reported last week on the arrest of 20 people for stealing more than $250 million through online banking fraud over the last five years.

The SBU (Security Service of Ukraine) and FSB (Federal Security Service of Russia) spent more than a year jointly investigating the gang who were located in Kiev, Zaporozhye, Lviv, Herson and Odessa.

The arrested were between 25 and 30 years old and were responsible for coding individual pieces of the banking malware involved in the scam.

All of the stolen banking details were sent off to a server in Odessa, Ukraine where the 28 year old Russian mastermind of the operation was located.

The SBU is currently collecting evidence found on the seized computers and commented (loose translation):

"According to the new legislation the economic crimes are not considered as serious, therefore the suspects have been released on bail and are under house arrest. If they are found guilty in court they are facing more than five years in prison."

The malware was designed to steal banking credentials, logins/passwords and data from popular accounting software published by Russian firm, 1C.

shutterstock_Burglars170One of the investigators told Kommersant that after the gang compromised a business PC, they would study the victim organization for a while before issuing fake payments from the victim to criminal controlled shell companies.

The digital equivalent of "casing the joint". Observe what is normal, who is watching what and when. Then strike when they least expect it or are least likely to notice.

It is believed this group was responsible for the banking malware called Carberp for which arrests were made early last year.

A report by Deutsche Telekom in February 2013 showed the Ukraine to be the fourth largest source of online attacks after Russia, Taiwan and Germany.

Anytime law enforcement can break up a criminal network it is good news.

Is this a sign that Russia and the Ukraine are taking online crime more seriously? Or is it simply a sign to cybercriminals to not pee in their own swimming pool?

Only time will tell.

Photo of Ukrainian police cap and burglars courtesy of Shutterstock.

, , , , , ,

You might like

One Response to Ukrainian and Russian police arrest banking Trojan masterminds

  1. roy jones jr · 556 days ago

    25 to 30 skilled computer people that could have well paying jobs in the IT field.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.