A group of cybercrooks and hacker masterminds, some believed to be part of a money mule scam, stole about USD$600,000 from the city of Brigantine, New Jersey's main TD Bank last week with the use of malware.
The business of using sophisticated malware such as the Zeus Trojan is on a steep incline as we witness more and more cases of online banking heists. We recently reported how the U.S. Feds arrested money mules in a USD$3 million Zeus Trojan bank fraud ring. Then, in the month of August, thousands of British internet banking users were robbed by hackers using Zeus. In the latest incident, where cyberthieves made off with about USD$600,000 from Brigantine, NJ's TD Bank, the Zeus Trojan may have been the culprit once again.
The news of Internet banking succumbing to the Zeus Trojan is beginning to mount. The authorities in the U.S. and in overseas areas such as the Ukraine are doing their best to uncover these cyber gangs and hired money mules that seek to steal money from banks through the Internet.
The Security Service of Ukraine (SBU, a Ukrainian government security agency similar to the U.S. FBI) was able to detain 5 Ukrainian individuals, found to be members of a gang responsible for using the Internet bank password-stealing Zeus Trojan, who deployed malware in emails to target small businesses. This gang is believed to have recruited 3,500 money mules in the United States to receive and forward the cash to the overseas attackers. The same 5 individuals have been tied to upwards of USD$70 million in U.S. banking heists, all from behind the screen of a computer connected to the Internet. Many of their money mules include Russians who were visiting the U.S. on student visas.
So far these incidents have managed to escape mainstream and national media due to the crime groups' clever tactics that help prevent them from getting caught. The FBI has been monitoring these situations and has given reporters a clear view of how sophisticated these 'underground' organized crime groups are. First and foremost, they use a sophisticated piece of malware, which may have been Zeus (Zbot), also known as the number one botnet in the U.S., to hack into banking accounts, allowing their money mules to transfer funds to U.S. accounts.
The FBI's Cyber Division believes that the individuals detained by the SBU worked with the developers of Zeus to get custom-made components tailored to their specific needs, which led to the theft of up to USD$70 million. The Zeus Trojan variant these individuals have used in the past was identified by security researchers to be specific to the Ukrainians. This variant would alert the gang through Jabber instant message whenever Internet banking login credentials were stolen from specific institutions. Pretty clever, isn't it?
At this point in time, due to all of the recent Zeus-initiated attacks, we will continue to see more cybercrook gangs and money mules stealing and laundering money from online banking institutions. Until we are able to put an end to the original source, which seems to be the Zeus Trojan, we may be witnessing a virtually uncontrollable outbreak of Internet banking theft.