Zeus Arrests and SpyEye Group is Taken Down

Authorities in six different countries worked together to take down a cybercrime ring, which ultimately infected tens of thousands of computers with Zeus and SpyEye malware and made off with roughly $2.25 million from banks in the process.

Europol and Eurojust joined forces to take down the group, based largely in Ukraine, that was believed to have been developing and distributing Zeus and SpyEye banking malware.
“The cybercriminals used malware to attack online banking systems in Europe and beyond, adapting their sophisticated banking Trojans over time to defeat the security measures implemented by the banks,” Europol said in a press release published Thursday.
The action, carried out on June 18 and 19, resulted in the arrest of five suspects, stemming from eight house searches in four different Ukrainian cities. Europol clarified that the action was part of a lengthy investigation dating back to 2013 and that so far it’s tallied “significant operational successes” in Belgium, Estonia, Finland, Latvia, and the Netherlands, in addition to Ukraine.
The criminals targeted banking systems in Europe and used malware to harvest credentials and compromise bank account information, according to Europol.
“This was a very active criminal group that worked in countries across all continents, infecting tens of thousands of users’ computers with banking Trojans, and subsequently targeted many major banks.”
Zeus and SpyEye are some of the oldest banking Trojans still making the rounds. Countless iterations of the malware have existed since at least 2009, but neither seems to want to fade away completely.
One of SpyEye’s masterminds, Aleksandr Andreevich Panin, pleaded guilty in January 2014 after he was caught flying through Atlanta in 2013 – but the malware has persisted and continues to be sold in underground marketplaces.
It’s the latest in a lengthy line of takedowns from Europol and JIT, a joint investigation team comprised of investigators and judicial authorities from Austria, Belgium, Finland, the Netherlands, Norway and the United Kingdom. This particular investigation was launched in 2013 and has totaled 60 arrests to date, 34 of which were made as part of a ‘money mule’ sting carried out by Dutch authorities.
In April Europol worked alongside the FBI, the DHS, and Dutch authorities to take down Beebone, a collection of polymorphic bots that infected machines via removable drives.
Threatpost: http://bit.ly/1OE1QBA
