Lincoln, NEBRASKA–Nine alleged members of a wide-ranging racketeering enterprise and conspiracy who infected thousands of business computers with malicious software known as “Zeus” have been charged in an indictment unsealed today in Lincoln, Neb.
The indictment alleges that the “Zeus” malware captured passwords, account numbers, and other information necessary to log into online banking accounts. The conspirators allegedly used the information captured by “Zeus” to steal millions of dollars from account-holding victims’ bank accounts.
The indictment was unsealed in connection with the arraignment this afternoon at the federal courthouse in Lincoln of two Ukrainian nationals, Yuriy Konovalenko, 31, and Yevhen Kulibaba, 36. Konovalenko and Kulibaba were recently extradited from the United Kingdom. All of the defendants were charged by a federal grand jury in August 2012 with conspiracy to participate in racketeering activity, conspiracy to commit computer fraud and identity theft, aggravated identity theft, and multiple counts of bank fraud.
“The ‘Zeus’ malware is one of the most damaging pieces of financial malware that has ever been used,” said Acting Assistant Attorney General David O’Neil. “As the charges unsealed today demonstrate, we are committed to making the Internet more secure and protecting the personal information and bank accounts of American consumers. With the invaluable cooperation of our foreign law enforcement partners, we will continue to bring to justice cyber criminals who steal the money of U.S. citizens.”
“In this case, the victims included a Nebraska bank and a Nebraska company,” said U.S. Attorney Deborah Gilg. “This demonstrates the global reach of cybercrime and the significant threat to our financial infrastructure. We are grateful for the collaboration of our international and federal law enforcement partners in this complex financial fraud crime.”
This case illustrates the vigorous cooperation between national and global law enforcement agencies and sends a strong message to cyber thieves,” said FBI SAC Thomas Metz. “The FBI and our international partners will continue to devote resources to finding better ways to safeguard our systems, fortify our cyber defenses and stop those who do us harm.”
According to the indictment, the defendants participated in an enterprise and scheme that installed, without authorization, malicious software known as “Zeus” or “Zbot” on victims’ computers. The defendants are charged with using that malicious software to capture bank account numbers, passwords, personal identification numbers, RSA SecureID token codes and similar information necessary to log into online banking accounts. The indictment alleges that the defendants falsely represented to banks that they were employees of the victims and authorized to make transfers of funds from the victims’ bank accounts, causing the banks to make unauthorized transfers of funds from the victims’ accounts.
As part of the enterprise and scheme, the defendants allegedly used as “money mules” residents of the United States who received funds transferred over the Automated Clearing House network or through other interstate wire systems from victims’ bank accounts into the money mules’ own bank accounts. These “money mules” then allegedly withdrew some of those funds and wired the money overseas to conspirators.
According to court documents unsealed today, Kulibaba allegedly operated the conspirators’ money laundering network in the United Kingdom by providing money mules and their associated banking credentials to launder the money withdrawn from U.S.-based victim accounts. Konovalenko allegedly provided money mules’ and victims’ banking credentials to Kulibaba and facilitated the collection of victims’ data from other conspirators.
[contextly_auto_sidebar id=”qjj2Zs4qQxfqhYhxNm5xGMGULYUKDcjv”]