Feeds

Brazilian cops net 'phishing kingpin'

Trojan scam netted up to $37m

  • alert
  • submit to reddit

Security for virtualized datacentres

Brazilian police last week arrested the suspected kingpin of a gang which looted an estimated $37m from online banking accounts. Valdir Paulo de Almeida allegedly masterminded a scam to raid accounts using a Trojan horse sent by email to thousands of victims, mostly Brazilian.

This commonly used ploy enables crooks to capture security credentials of victims through keystroke logging. Using this information, criminals can transfer to themselves the money held in compromised accounts. Typically, the money is washed through the accounts of a number of middlemen to make tracing more difficult.

Investigators says that Paulo de Almeida headed one of Brazil's biggest gangs of online fraudsters, perhaps 18-strong: "They moved between 50 and 100 million reais ($18m and $37m) over the last two years... [and] sent over three million emails with Trojan horses per day," Eduardo Cidreira, head of the police department in charge of Internet fraud in Brazil's southern state of Santa Catarina told Reuters.

Anti-virus firm Sophos notes the recent appearance of Trojan horses (such as Troj/Banker-AR Trojan horse and Troj/Banker-K) being written specifically to target customers of Brazil's online banking websites. It reckons that Trojans are used increasingly used as a phishing device to steal money. Paulo de Almeida's arrest is the latest in a series of police busts against suspected Brazilian phishers. Last year 50 such arrests were made, but none are alleged to have stolen as much as Paulo de Almeida. ®

Related stories

Trojan targets UK online bank accounts
Brazil cybercrime bust nets 50
Brazil 'tops cybercrime league'

Secure remote control for conventional and virtual desktops

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
Admins! Never mind POODLE, there're NEW OpenSSL bugs to splat
Four new patches for open-source crypto libraries
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.