Source:
Associated PressWASHINGTON — The FBI and law enforcement agencies in Ukraine, the Netherlands and Britain are tracking down international cyber criminals who stole $70 million by using malicious software that captured passwords and account numbers to log onto online bank accounts.
At a press briefing Friday, the FBI said Operation Trident Breach began in May 2009 when agents in Omaha, Nebraska, were alerted to some of the stolen money, which was flowing in bulk payments to 46 bank accounts around the United States.
Ukrainian authorities have detained five people thought to have participated in some of the thefts and Ukraine has executed eight search warrants in the ongoing investigation.
The FBI said the software was known as an Internet banking Trojan, which can steal computer access data including usernames and passwords for bank accounts, e-mail accounts and social-networking websites. The program would gain access to the computer when a victim clicked on a link or opened a file attached to a seemingly legitimate e-mail message.
Read more:
http://www.msnbc.msn.com/id/39463255/ns/technology_and_science-security/
The Zeus software program is one antivirus specialists became aware of several years ago. They believe it was developed by an individual or group out of Russia, said Mikko Hypponen, chief research officer at computer-security firm F-Secure Corp.
In its early form, the Zeus code would harvest data such as basic bank log-in information as users of infected computers accessed their financial accounts online, sending the information to criminals who would then either use it or sell it.
Over the past year, the code has become more sophisticated, antivirus experts say, enabling criminals to take over someone's connection with a financial institution to siphon money directly to mule accounts. By piggybacking on the legitimate user's access to an account, the virus bypasses additional password protection financial firms have put in place.
Zeus is so popular that bootleg versions have emerged on the cyber black market from a hacker known by the online handle Bishop. Zeus isn't just used to steal bank data but also log-in information to government and military sites.
Accounts Raided in Global Bank Hack