The FBI arrested 20 persons suspected to be members and operators in an international cyber crime network charged with bank fraud scheme. The network compromised dozens of individual and business accounts in the U.S. and transferred more than $3 million under false identities. The FBI is charging more than 60 people from Russia, from Belarus, Kazakhstan and Ukraine, as well as U.S. nationals, some already convicted in money laundering and fraud. Of the 60 charged in this case only 20 were arrested in recent days, 17 are still at large in the U.S. and abroad. The charges followed Tuesday’s arrests of 19 people in Britain on computer crime charges being part of “a sweeping and coordinated effort to combat the 21st century’s variation on traditional bank robbery,” US Attorney Preet Bharara said in New York.
FBI Assistant Director-in-Charge Janice K. Fedarcyk, attributed the attack to the ‘Zeus Trojan’ malware which allegedly allowed hackers to get into victim accounts from thousands of miles away. “They did it with far less exertion than a safecracker or a bank robber.” Fedarcvk admitted but assured, they, “Like the money mules, many, if not all, will end up behind bars.”
According to the FBI, the scheme was headed by Artem Tsygankov, a Russian national, age 23, who recruited other young students to operate as mules and managed their activities, directing the money gained by the scheme through fraudulent wire transfers to the mules’ accounts. The network followed ‘multi-level’ scheme, where recruits and recruiters keep around 10% of the amount they transfer. The network recruited ‘mules’ by targeting young students holding U.S. tourist Visas, targeted on Russian social network sites. Tsygankov is still at large, wanted by the FBI. If convicted, he faces more than 30 years imprisonment.
After the ‘mules’ have opened hundreds of bank accounts, under false identities, at U.S. banks, the cyber attack was launched from Eastern Europe, unleashed by sending millions of emails containing the “Zeus Trojan”, targeting computers at small businesses and municipalities in the United States where security awareness is considered low. According to the FBI, once the email was opened, the malware embedded itself in the victims’ computers, and recorded their keystrokes – including their account numbers, passwords, and other vital security codes – as they logged into their bank accounts online. The hackers responsible for the malware then used the stolen account information to take over the victims’ bank accounts, making unauthorized transfers of thousands of dollars at a time to receiving accounts controlled by the co-conspirators.
Hundreds of receiving accounts were set up in advance by a “money mule organization” responsible for retrieving the proceeds of the malware attacks and transporting or transferring the stolen money overseas. To carry out the scheme, the money mule organization recruited individuals who had entered the United States on student visas, providing them with fake foreign passports, and instructing them to open false-name accounts at U.S. banks. Once these false-name accounts were successfully opened and received the stolen funds from the accounts compromised by the malware attacks, the “mules” were instructed to transfer the proceeds to other accounts, most of which were overseas, or to withdraw the proceeds and transport them overseas as smuggled bulk cash.
The investigation began in February 2010 when New York Police Department (NYPD) investigated a suspicious $44,000 withdrawal from Bronx bank, said Commissioner Raymond W. Kelly said: “It soon became evident that it was just the tip of an international iceberg.” said Kelly. The investigation unfolded far beyond New York, involving national and trans-national agencies to reach and decipher the international scheme which represents the profile of typical modern cyber crime. As the incidence of transnational cybercrimes continues to rise, investigations and prevention activities are elevated to include the Diplomatic and Secret Service. “The results of this investigation clearly demonstrate how the Secret Service is forging strong partnerships with other law enforcement agencies, successfully combating cyberfraud, and bringing high-tech perpetrators to justice.” DSS Special Agent-in-Charge Christopher Paul added “The charges announced today send a strong message: Diplomatic Security is committed to collaborating with our law enforcement partners to make sure that those who commit fraud face consequences for their criminal actions. Diplomatic Security’s strong relationship with the U.S. Attorney’s Office and other law agencies around the world continues to be essential in the pursuit of justice.”
