Financial Services // Nebraska, United States
A transnational criminal organization allegedly used credential-stealing code to access people’s bank accounts and transfer millions of dollars.
The “Zeus” malicious software is widely used to grab credit card information and other financial data. The group excised passwords and account numbers with the malware and then used that information to access victims’ bank accounts.
The malware allowed the accused to sidestep two-factor authentication systems, including RSA’s SecurID tool.
U.S. residents acted as "money mules,” transferring funds from victims' bank accounts into the mules' own bank accounts over the Automated Clearing House network or other wiring services. They then wired the money overseas.
Nine people have been charged in the crime and two of them, Ukrainian nationals living in the UK, have been transported to Nebraska. Four others are known to live in Ukraine and Russia but remain at large.
And indictment detailing the charges was unsealed on 4/11.
ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.