Zeus Arrests and SpyEye Group is Taken Down

Uploaded on 2015-09-30 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

Authorities in six different countries worked together to take down a cybercrime ring, which ultimately infected tens of thousands of computers with Zeus and SpyEye malware and made off with roughly $2.25 million from banks in the process.

Europol and Eurojust joined forces to take down the group, based largely in Ukraine, that was believed to have been developing and distributing Zeus and SpyEye banking malware.
“The cybercriminals used malware to attack online banking systems in Europe and beyond, adapting their sophisticated banking Trojans over time to defeat the security measures implemented by the banks,” Europol said in a press release published Thursday.
The action, carried out on June 18 and 19, resulted in the arrest of five suspects, stemming from eight house searches in four different Ukrainian cities. Europol clarified that the action was part of a lengthy investigation dating back to 2013 and that so far it’s tallied “significant operational successes” in Belgium, Estonia, Finland, Latvia, and the Netherlands, in addition to Ukraine.
The criminals targeted banking systems in Europe and used malware to harvest credentials and compromise bank account information, according to Europol.
“This was a very active criminal group that worked in countries across all continents, infecting tens of thousands of users’ computers with banking Trojans, and subsequently targeted many major banks.”
Zeus and SpyEye are some of the oldest banking Trojans still making the rounds. Countless iterations of the malware have existed since at least 2009, but neither seems to want to fade away completely.
One of SpyEye’s masterminds, Aleksandr Andreevich Panin pleaded guilty in January 2014 after he was caught flying through Atlanta in 2013 – but the malware has persisted and continues to be sold in underground marketplaces.
It’s the latest in a lengthy line of takedowns from Europol and JIT, a joint investigation team comprised of investigators and judicial authorities from Austria, Belgium, Finland, the Netherlands, Norway and the United Kingdom. This particular investigation was launched in 2013 and has totaled 60 arrests to date — 34 of which who were made as part of a ‘money mule’ sting carried out by Dutch authorities.
In April Europol worked along side the FBI, the DHS, and Dutch authorities to takedown Beebone, a collection of polymorphic bots that infected machines via removable drives.
Threatpost: http://bit.ly/1OE1QBA

« The Differences Between Targeted Attacks and Advanced Persistent Threats
Cyberwar Right Here, Right Now... »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Rollbar

Rollbar

Rollbar is a full-stack error monitoring platform for web and mobile applications. We help developers find and fix bugs fast. Built by developers for developers.

CLUSIL

CLUSIL

CLUSIL is an association for the information security industry in Luxembourg.

Heimdal Security

Heimdal Security

Heimdal Security provides proactive protection against cyber threats including ransomware, exploit kits and financial malware.

Nohau

Nohau

Nohau provide services for safe and secure embedded software development.

Cyanre

Cyanre

Cyanre delivers state of the art cyber forensic services through software technologies and procedures that exceed conformities of major law enforcement agencies across the globe.

RevenueStream

RevenueStream

RevenueStream uses an innovative algorithmic approach to intercept and prevent payment fraud before it even happens.

TCPWave

TCPWave

TCPWave IPAM is the world’s first acclaimed DNS/DHCP management software to pass the most stringent Information security tests.

Cybersecurity Advisors Network (CyAN)

Cybersecurity Advisors Network (CyAN)

CyAN provides a not-for-profit platform that helps private and public organisations as well as governments to identify trusted advisors in the area of Cyber Security and Cyber Crime.

Spherical Defense

Spherical Defense

Spherical Defense offers an alternative approach to WAFs and first generation API security tools.

Fortra

Fortra

Fortra (formerly HelpSystems) is your cybersecurity ally, unified through the mission of providing solutions to organizations' seemingly unsolvable cybersecurity problems.

Antiy Labs

Antiy Labs

Antiy Labs is a vender of antivirus engine and solution, providing the best-in-breed antivirus engine and next generation antivirus services for confronting PC malware and mobile malware.

Bird & Bird

Bird & Bird

Bird & Bird is an international law firm with a focus on helping organisations being changed by technology and the digital world. Areas of expertise include cyber security.

Northcross Group (NCG)

Northcross Group (NCG)

NCG provides services to help organizations meet the challenges of regulatory compliance. Our services include support, consultation, tools and accelerators for all parts of an organization.

Route1

Route1

Route1 is an advanced provider of secure data intelligence solutions to drive your business forward.

Flare Systems

Flare Systems

Flare proactively detects and remediates exposure across the clear & dark web, providing organizations with the equivalent of an automated cyber reconnaissance team.

CyberMaxx

CyberMaxx

At CyberMaxx, our approach to cybersecurity provides end-to-end coverage for our customers – we use offense to fuel defense.