Zeus Arrests and SpyEye Group is Taken Down

Uploaded on 2015-09-30 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

Authorities in six different countries worked together to take down a cybercrime ring, which ultimately infected tens of thousands of computers with Zeus and SpyEye malware and made off with roughly $2.25 million from banks in the process.

Europol and Eurojust joined forces to take down the group, based largely in Ukraine, that was believed to have been developing and distributing Zeus and SpyEye banking malware.
“The cybercriminals used malware to attack online banking systems in Europe and beyond, adapting their sophisticated banking Trojans over time to defeat the security measures implemented by the banks,” Europol said in a press release published Thursday.
The action, carried out on June 18 and 19, resulted in the arrest of five suspects, stemming from eight house searches in four different Ukrainian cities. Europol clarified that the action was part of a lengthy investigation dating back to 2013 and that so far it’s tallied “significant operational successes” in Belgium, Estonia, Finland, Latvia, and the Netherlands, in addition to Ukraine.
The criminals targeted banking systems in Europe and used malware to harvest credentials and compromise bank account information, according to Europol.
“This was a very active criminal group that worked in countries across all continents, infecting tens of thousands of users’ computers with banking Trojans, and subsequently targeted many major banks.”
Zeus and SpyEye are some of the oldest banking Trojans still making the rounds. Countless iterations of the malware have existed since at least 2009, but neither seems to want to fade away completely.
One of SpyEye’s masterminds, Aleksandr Andreevich Panin pleaded guilty in January 2014 after he was caught flying through Atlanta in 2013 – but the malware has persisted and continues to be sold in underground marketplaces.
It’s the latest in a lengthy line of takedowns from Europol and JIT, a joint investigation team comprised of investigators and judicial authorities from Austria, Belgium, Finland, the Netherlands, Norway and the United Kingdom. This particular investigation was launched in 2013 and has totaled 60 arrests to date — 34 of which who were made as part of a ‘money mule’ sting carried out by Dutch authorities.
In April Europol worked along side the FBI, the DHS, and Dutch authorities to takedown Beebone, a collection of polymorphic bots that infected machines via removable drives.
Threatpost: http://bit.ly/1OE1QBA

« The Differences Between Targeted Attacks and Advanced Persistent Threats
Cyberwar Right Here, Right Now... »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Security Magazine

Security Magazine

Security, the business magazine for security executives, focuses on management issues facing top security professionals and effective solutions being employed, both physical and cyber.

Hogan Lovells

Hogan Lovells

Hogan Lovells is an international business law firm with offices across Europe, Asia and the USA. Practice areas include Privacy & Cybersecurity.

CloudCheckr

CloudCheckr

CloudCheckr is a next-gen cloud management platform that unifies Security & Compliance, Inventory & Utilization and Cost Management.

Cobwebs Technologies

Cobwebs Technologies

Cobwebs Technologies provide web intelligence solutions for Law Enforcement (including cybercrime), Intelligence Agencies and Federal Agencies.

ZM CIRT

ZM CIRT

ZM CIRT is the national Computer Incident Response Team for Zambia.

ACI Worldwide

ACI Worldwide

ACI Worldwide powers electronic payments for more than 5,000 organizations around the world.

Compass Security

Compass Security

Compass Security is a specialist IT Security consultancy firm based in Switzerland. Services include pentesting, security assessments, digital forensics and security training.

Comarch

Comarch

Comarch is a provider of IT business solutions to optimize operational and business processes. Cyber security solutions are focused on Identity Management and Security Assessment services.

Spanish Network of Excellence on Cybersecurity Research (RENIC)

Spanish Network of Excellence on Cybersecurity Research (RENIC)

RENIC is a membership based sectoral association that includes research centers and other agents of the research cybersecurity ecosystem in Spain.

Enea

Enea

Enea is one of the world’s leading specialists in software for telecommunications and cybersecurity. Our products are used to enable services for mobile subscribers, enterprise customers and IoT.

South East Cyber Resilience Centre (SECRC)

South East Cyber Resilience Centre (SECRC)

The South East Cyber Resilience Centre supports and helps protect SMEs and supply chain businesses and third sector organisations in the region against cyber crime.

Project Cypher

Project Cypher

Project Cypher leverages the latest cybersecurity developments, a world class team of hackers and constant R&D to provide you with unparalleled cybersecurity offerings.

NinjaOne

NinjaOne

The NinjaOne Platform was built to help IT and MSP teams efficiently manage, patch, and support all endpoints.

360 Advanced

360 Advanced

360 Advanced is a relationship-focused cybersecurity and compliance firm offering integrated compliance solutions customized to meet your business’ needs.

Assurestor

Assurestor

Assurestor's singular focus is delivering leading cloud-based backup and disaster recovery designed to increase levels of IT resilience.

ArmourZero

ArmourZero

ArmourZero help organisations redefine their cybersecurity strategy - increase visibility, minimise complexity, manage risk, and enhance protection, all under a unified security operations platform.