Finnish police close case on phishing Trojan gang
Updated Finnish police closed on investigation on Tuesday after arresting 17 people suspected of involvement in a banking Trojan scam used to siphon off hundreds of thousands of euros held in accounts with Nordea Bank.
The alleged perpetrators, from Estonia and Finland, attempted to steal €1.2m through a series of over 100 false transactions starting early last year. Almost €178,000 remains missing, according to local reports.
Two of the suspects allegedly used malware to compromise the online banking accounts of 89 banking customers before compromised banking accounts were looted by local phishing fraud accomplices prior to the illicit transfer of funds to the masterminds behind the scheme, in Estonia.
"The Nordea attacks happened in early 2010," said Mikko Hypponen, chief research officer of F-Secure. "Police have finished the investigation now. We are not aware of similar attacks at the moment."
The Nordea Finland case related to the use of the Papras / Gozi strain of Trojan malware, according to Hyponnen, who said the investigation in the case started at the end of 2009 and officially closed on Tuesday. Of the 17 suspects in the case the majority (alleged phishing mules) have been released on bail. The two suspected masterminds in the case (both Estonian nationals) have been held on remand pending a trial, the date of which is yet to be set. ®
The bank uses an 8-digit PIN plus one time pad to login. Transfers have to be confirmed using a separate mechanism. It appears to be a pretty solid mechanism.
The details of the trojan would be interesting. It appears users neglected to check that SSL encryption was in place.
First the name is Mikko Hypponen, then Hyponnen.
Both are a bit wrong, as the name really is Mikko Hyppönen. But as computers, and americans can't handle ¨, Hypponen might be acceptable version.
Phinnish police close in on phishing Trojan gang
Phixed it for you.