Feeds

Feds indict nine for making millions from Zeus malware

But cops only have two of them in custody

The Power of One Infographic

The FBI and the US Department of Justice have unsealed charges against nine people accused of racketeering, computer fraud, aggravated identity theft, and multiple counts of bank fraud related to their use of the Zeus malware against victims in the state of Nebraska.

"The 'Zeus' malware is one of the most damaging pieces of financial malware that has ever been used," said Acting Assistant Attorney General David O'Neil. "With the invaluable cooperation of our foreign law enforcement partners, we will continue to bring to justice cyber criminals who steal the money of US citizens."

That support is going to be very valuable, if the accused are going to have their day in court. While the US authorities have two suspects in detention, seven remain at large: three Ukrainians, a Russian national, and three others who have not been positively identified.

The two named ringleaders of the Zeus botnet, Ukrainians Yuriy Konovalenko and Yevhen Kulibaba, are already in custody, thanks to the efforts of British police. In 2011 they were jailed for four years and eight months apiece after getting nabbed by the UK's boys in blue, and have now been extradited to the US for additional charges.

According to the indictment, the two along with their seven accomplices used Zeus to infect targets in Nebraska and withdraw money from online bank accounts in the state. The government said it was asking for a forfeiture order of $70m against those indicted so that it can reclaim any money found.

The charges lean heavily on data collected by the British police, and say that funds purloined in the US were then sent to the UK and laundered through a variety of money mules. These are people who either knowingly or unknowingly agreed to transfer the funds through their own bank accounts and forward them on to the accused, while taking a small percentage as a commission.

"This case illustrates the vigorous cooperation between national and global law enforcement agencies and sends a strong message to cyber thieves," said FBI special agent in charge Thomas Metz. "The FBI and our international partners will continue to devote resources to finding better ways to safeguard our systems, fortify our cyber defenses, and stop those who do us harm."

While the police have named some of the suspects they are still searching for, it seems unlikely that they are going to be caught anytime soon. Many are known only by online handles, and unless they get as sloppy on security as their victims, they look likely to remain at large. ®

Boost IT visibility and business value

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
Major problems beset UK ISP filth filters: But it's OK, nobody uses them
It's almost as though pr0n was actually rather popular
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
MPs wave through Blighty's 'EMERGENCY' surveillance laws
Only 49 politcos voted against DRIP bill
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.