20-year-old student pleads to making spy app for Android phone



A 20-year-old student of Carnegie Mellon University has pleaded guilty to developing and selling malicious software that allowed others to remotely control Google Android phones, including using the phones' cameras to spy on their owners.

Morgan Culbertson, a resident of Churchill, could face up to 10 years in prison and $250,000 in fines when he is sentenced Dec. 2.

However, it is unclear that how many phones were actually infected by malicious software after his court appearance before a federal judge in Pittsburgh.

It is said that if anyone’s phone gets infected from the app, it can remotely control by others and used to spy and secretly take pictures without the phone owner's knowledge. It also records calls, intercept text messages and otherwise steal information the owners downloaded on the devices.

According to a news report published in IndiaToday, he is one of 12 people charged by U.S. authorities, and the fourth to plead guilty so far, in the worldwide takedown of the Darkode.com cybercriminal marketplace.

Almost 70 other people have been targeted for allegedly using the cybercriminal marketplace where hackers bought and sold malicious software.

"I committed the crime, so I am responsible," Culbertson said after pleading guilty, according to the Pittsburgh Tribune-Review. "I understand what I did was wrong and I take full responsibility. I would like in the future to use may skills to help protect people."

Assistant U.S. Attorney Jimmy Kitchen said that Culbertson worked online with a man identified only as "Mike from the Netherlands" to create Dendroid, the malware that was secretly linked to Android phone apps available for purchase through Google Play.

Russian hacker's profit frozen after manipulating Australian stockmarket


The New South Wales Supreme Court has restrained more than $77,000 of a suspected Russian hacker, who manipulated penny stocks on the Australian share market.

The joint operation by the Australian Securities and Investments Commission (ASIC) and Australian Federal Police (AFP) investigated a series of suspicious trades in cheap “penny stocks”.

After the operation, “Operation Emerald”, the investigators targeted the suspected Russian hacker , who manipulated market through an overseas account that traded through Morgan Stanley Australia.

ASIC’s surveillance team  spotted the suspicious trades in between August and October last year.

According to the ASIC,the trades were made through hacked retail clients account, and they targeted 13 penny stocks.

ASIC commissioner Cathie Armour said that they will continue to “help smash” any criminal activity targeting the Australian market.

“[ASIC] staff continue to monitor and detect suspicious trading activity and work with market participants to ensure account hacking is swiftly identified and stopped,” Ms Armour said.

Penalty of up to 10 years in jail for manipulating the market.

Three Estonian men sentenced for internet fraud by US court

Manhattan federal court has sentenced over three years imprisonment to three Estonian men for their involvement in an Internet scheme that infected more than 4 million computers in over 100 countries.

U.S. District Judge Lewis A. Kaplan said that, "It's hard to pick up a newspaper this summer without reading about another one." Justifying his decision he said it was important to impose tough sentence.

Timur Gerassimenko, 35, was sentenced to four years, Dmitri Jegorov, 37, got 3 2/3 years and Konstantin Poltev, 31, received 3 1/3 years for their roles in an internet  fraud.

According to the government, Gerassimenko was the main culprit behind this fraud, he hired programmers, Jegorov as the lead network administrator while Poltev as the public face of the enterprise.

When the men were arrested in Estonia, Gerassimenko was ordered to forfeit $2.5 million while Jegorov and Poltev were each told to forfeit $1 million. All three of them  apologized for their crimes before they were sentenced.

The fraud has affected computers belonging to government agencies such as NASA, along with educational institutions, nonprofit organizations, businesses and individuals.

The malware scheme that was  carried out with co-conspirators in Russia and Ukraine, cost NASA more than $65,000 in repairs.

All three men sentenced Thursday are serving sentences in Estonia for similar crime.

Vietnamese Hacker who stole identities of 200 million American, sentenced to 13 years

After breaking into the computers of several business entities and stealing the personal identification information of over 200 million Americans, a Vietnamese hacker has finally been sentenced for 13 years in prison.

The Department of Justice on Tuesday, released a report announcing that Hieu Minh Ngo, 25, bagged $2 mn from hacking and stealing the personal identification and selling it to other cyber criminals.

A District Court in New Hampshire finally sentenced Ngo on Tuesday for various fradulent charges, as reported by the Financial Times. Ngo was arrested in february 2013, soon as he entered America.

Back in his home in Vietnam, Ngo was active from 2007 till 2013, for breaking into computer systems and stealing identifiable information like Social security numbers, credit card details, bank account, phone numbers, and advertising about the data on his websites, from where the fellow hackers used to buy the information.

A press release by the Justice Department specified that 'Ngo admitted that he offered access to PII (personally identifiable information) for 200 million U.S. citizens, and that more than 1,300 customers from around the world conducted more than three million "queries" through the third-party databases maintained on his websites'.

The Internal Revenue Service stated that the information sold on Ngo's website to other hackers was used to file income tax returns for more than 13000 people, who saw $65 million returned on their behalf.

'Criminals buy and sell stolen identity information because they see it as a low-risk, high-reward proposition,' Assistant Attorney General Leslie Caldwell said a statement.
'Identifying and prosecuting cyber criminals like Ngo is one of the ways we're working to change that cost-benefit analysis.'

The US Office of Personnel Management revealed that the hackers have stolen more than 21.5 mn social security numbers till now, and out of them 1.1 mn include fingerprints.

Sentencing Ngo has finally taken an initiative for stopping cyber crimes that are breaching the personal identity of civilians.

Hacker who sold Madonna song sentenced to 14 months in prison

Adi Lederman has been sentenced to 14 months in prison in Israel after being found guilty of selling and stealing singer Madonna's unreleased songs.

He was also fined 5,000 shekels, which comprehends to about $3900. The court has sad that an appropriate punishment will deter this kind of incidents in the future.

Madonna's latest album Rebel Heart was leaked on the internet last year. At the time she said' “I have been violated as a human and an artist.”

Later she later six songs, calling it an “early Christmas gift” for her fans.

Lederman was arrested earlier this year and agreed to a plea deal after confessing the crime.

U.S. court sentences a Swedish Blackshades malware maker to 57 months in prison

The United State District Judge P. Kevin Castel has sentenced one of the creators of a malware dubbed ‘Blackshades RAT’(a dangerous threat that can take over computers and steal personal and financial information), Alex Yücel to 57 months in prison.

The Swedish national has been found guilty of computer hacking on February 18, 2015 by the Judge. Along with the 57 months imprisonment, the Judge ordered him to forfeit $200,000.

According to Preet Bharara, United States Attorney for the Southern District of New York, Yucel created, marketed and sold software that was designed to accomplish only to gain control of a computer along with a victim's identity and other important information.

Blackshade RAT was distributed as a $40 download to thousands of online criminals since his operations began in 2010

"This malware victimized thousands of people across the globe and invaded their lives. But Yucel's computer hacking days are now over," Bharara said.

An international effort coordinating with UK National Crime Agency (NCA) shut down the Blackshades attacks in 2014.

During that time, more than 80 people were arrested in raids in the Netherlands, Belgium, France, Germany, the UK, Finland, Austria, Estonia, Denmark, the U.S., Canada, Chile, Croatia, Italy, Moldova and Switzerland.

Over 1,000 storage devices were confiscated, and the whole cyber criminal fraternity was warned that they are running out of hiding places.

"Criminals are finding out that committing crimes remotely offers no protection from arrest," Andy Archibald, deputy director of the NCA's National Cyber Crime Unit at the time, told V3.co.uk.


"The unique scale of this cyber operation shows what can happen when law enforcement agencies at local, national and international level work together to tackle the perpetrators and help keep people safe. Cyber crime is one of the most significant criminal threats to the UK. The NCA is helping to build the capacity of its partners across the country and co-ordinating the UK's collective efforts as part of the response," he added.

A Turkish mastermind of $55 million cyber spree handed over to the U.S.

A Turkish man, a mastermind behind three hacks that resulted in $55 million loss to the global financial system, has been extradited to the United States to face charges, the U.S. authorities announced on Wednesday.    

According to a news report published on Reuters, the prosecutors confirmed Ercan Findikoglu, 33, as the mastermind behind an organization whose hacks resulted in stolen debit card data being distributed worldwide and used to make fraudulent ATM withdrawals.

The prosecutors said that Findikoglu along with his friend hacked into the computer networks of three credit and debit card payment processors: Fidelity National Information Services Inc, ElectraCard Services, now owned by MasterCard Inc, and enStage.

After tapping into those networks, he hacked Visa and MasterCard prepaid debit cards that the processors serviced and caused the cards' account balances to be increased to allow large excess withdrawals.

Then the hackers group disseminated the stolen debit card information to heads of "cashing crews" around the world who in turn conducted tens of thousands of fraudulent ATM withdrawals.

The report says that the prosecutors said in February 2011 operation targeting cards issued by JPMorgan Chase & Co and used by the American Red Cross to provide relief to disaster victims noticed $10 million withdrawn across the globe.

A second operation compromised cards issued by National Bank of Ras Al-Khaimah in the United Arab Emirates, resulting in $5 million in losses in December 2012, court documents said.

Then the hackers compromised cards issued by Bank Muscat in Oman, allowing crews operating in 24 countries to execute 36,000 transactions over a two-day period in February 2013 and withdraw $40 million from ATMs, prosecutors said.

Authorities said that a New York cashing crew alone withdrew $2.8 million in the 2012 and 2013 operations. Thirteen of the crew's members have pleaded guilty.

According to the news report, the prosecutors said that Findikoglu and other high-ranking members of the scheme received proceeds in various forms, including by wire transfer, electronic currency or personal deliveries of cash.

The case is U.S. v. Findikoglu, U.S. District Court, Eastern District of New York, No. 13-0440.

The report says that Findikoglu pleaded not guilty during a hearing in federal court in Brooklyn, New York, after being extradited on Tuesday from Germany, where he was arrested in December 2013, the U.S. Justice Department said.

An indictment unsealed on Wednesday charged Findikoglu, who authorities say went by the online aliases "Segate" and "Predator," with 18 counts including computer intrusion conspiracy, bank fraud and money laundering.

Group of cyber-criminals bases in different countries nabbed in joint international operation


A group of 49 cyber-criminals located in Italy, Spain, Poland, the United Kingdom, Belgium and Georgia were nabbed by the authorities in a joint international investigation.

From a total of 58 properties, authorities recovered and seized laptops, hard disks, telephones, tablets, credit cards and cash, SIM cards, memory sticks, forged documents and bank account documents.

The operation was headed by Europol's European Cybercrime Centre (EC3) and Eurojust, and was assisted by the Italian Polizia di Stato (Postal and Communications Police), the Spanish National Police, the Polish Police Central Bureau of Investigation, and supported by UK law enforcement bodies.

The arrested members are suspected of financial fraud to the tune of 6 million Euros. The group targeted medium and large European companies through malware and social engineering techniques.

The joint operation was coordinated from Europol's headquarters in The Hague.

Two men, who developed Photobucket hacking software, charged with conspiracy and fraud

Two men were arrested on April 8 in the charge of conspiracy and fraud after breaching computer services of Colorado-based Photobucket, a company that runs an image and video hosting website, according to a statement by U.S Department of Justice (DoJ).

Brandon Bourret (39), from Colorado Springs, and Athanasios Andrianakis (26), from Sunnyvale, California, were arrested at their homes for hacking the system and sold passwords and access to private information on a photo-sharing website.

U.S. Attorney John Walsh for the District of Colorado (DoC) and Thomas Ravenelle, special agent in-charge for the Denver Division of the Federal Bureau of Investigations (FBI) announced that the two persons developed and sold a software application that allowed users to get through the privacy settings on Photobucket, which has more than 100 million registered users.

According to the statement, application users could secretly access and copy password-protected information and images without any permission from Photobucket's users.

“It is not safe to hide behind your computer, breach corporate servers and line your own pockets by victimizing those who have a right to protect privacy on the internet,” said U.S. Attorney Walsh in the statement.  The U.S. Attorney’s Office is keenly focused on prosecuting those people for their theft -- and for the wanton harm they do to innocent internet users.”      

“Unauthorized access into a secure computer system is a serious federal crime,” said Ravenelle in the statement.  The arrest of Brandon Bourret and his co-conspirator reflects the FBI’s commitment to investigate those who undertake activities such as this with the intent to harm a company and its customers.”

According to the statement, Bourret and Andrianakis both face one count of conspiracy, which carries a penalty of up to five years in federal prison and a fine of up to $250,000. They also face one count of computer fraud, which carries the same maximum penalty and less than five years in federal prison.

Similarly, they face two counts of access device fraud, which carries a fine of up to $250,000 and not more than ten years in federal prison, per count.

In addition, the U.S. Attorney’s Office and the FBI appreciated Photobucket for its cooperation from the inception of the investigation and thanked for its continued assistance as both the investigation and prosecution moves forward.


This case is being prosecuted by Assistant U.S. Attorney David Tonini. 

25-year-old student hacked University’s computers to upgrade his marks

A 25-year-old student, who hacked Birmingham University's computers to upgrade his marks, has been jailed for four years.

Imran Uddin, who was pursuing his final year in bio-science course at the University of Birmingham, increased his marks from 57 per cent to 73 per cent by stealing staffs passwords using a keyboard spying device.

According to the Birmingham Crown Court, in order to steal the staffs passwords, Uddin had attached a hardware keylogger at the back of computers.

The incident came into light on October 7 last year, when two staffs carried out a routine upgrade on a computer in the bio-science building.

The attached devices, which could record the key strokes of anyone, were found at the back of the computers when staff removed protective casing.

After that other computers of the University were checked where they found more such devices attached.

The court sent him to jail after he admitted six charges as per the Computer Misuse Act.

Judge James Burbidge QC told Uddin (The Telegraphreports), "For reasons not entirely clear to me, whether it was monetary, or pride or a desire to out-perform others, you decided to cheat and you formed a settled intention to do that. I consider your actions were planned and persistent.”
He added that this kind of conduct has the potential to undermine public confidence in the degree system, set up by this university.

“I have decided that I cannot pass a suspended sentence because there needs to be an element of deterrence," he said.

Madhu Rai, the prosecuting, said that the one of the devices was attached to a computer of Christine Chapman, a staff, who had access to the University grades.

Police found that Uddin had made ebay searches on his computer for keyboard cheating devices.

Balbir Singh, the defending, said that Uddin, who was the first person from his family to go to University, did so because of the pressure. He could not see clearly.

A spokeswoman for the Birmingham University said that they could not comment on individual cases, however, they took any criminal activity seriously and work closely with West Midlands Police.

Along with the legal sanctions, students, who convicted such crimes, face misconduct investigation and ultimately face permanent exclusion.

Teenagers suspected of hacking Belgian and French websites


Photo Courtesy: The Local France
Two teenagers, who were suspected of hacking the websites of Belgian and French newspapers last week, would have a court hearing, authorities said on April 17.

The websites of Le Soir, La Libre Belgique, La Dernière Heure, the Sudpresse group, the French regional publications, including La Voix du Nord, and Union de Reims and l'Ardennais, which sites were disabled during the attacks, were targeted.

According to the prosecutors, five-year prison sentence will be given to those two teens, if the prosecutors find them guilty. Similarly, those persons will have to pay a fine of up to 100,000 euros and also to have to compensate for the damages.


In a statement Brussels prosecutors said that the regional unit of computer crime managed to identify the two teens, who are 18 and 16 years old, behind the cyber attacks on Sunday and Monday.

The hacking, which took place on Sunday evening, forced the Le Soir to close down its website for several hours.

The Belgian media group Rossel and the Belgian group IMP filed a police complaint last week.

The authorities carried out three raids in Belgium. During the raids, they discovered one address which linked to the attacks.

An examining magistrate has been investigating the case. They will try to find out, if others are involved or not in the attacks, the authorities said.

In a video by an anonymous group of Belgian, said that it had identified one of the teens as an adolescent who lives in Belgium and loves playing games.

The group, which is said to be hackers’ group, said it shared information with the police as it was protecting freedom of expression.

Russian police arrest suspects behind Nazi-loving Android malware

A Nazi-themed malware control panel- The Spveng Gang (pc- www.forbes.com)
A 25-year-old has been arrested by The Russian Ministry Of Internal Affairs for creating a particularly harmful strain of Android-money stealing malware ‘Spveng’, which had infected around 350,000 google devices last year. The officers have also arrested four other individuals of the cybercriminal gang, who are reportedly fond of Nazi iconography.

This particular campaign was a huge concern for the Russian Police as it robbed at least 50million rubles ($930,000) from innocent citizens and the country’s largest bank Sberbank picked up on attacks in 2013 prior to becoming an ally in the investigation. However, in the US, UK and Europe, Android users were also attacked by Svpeng.

According to reports, the existence of the Svpeng was first brought to light in July 2013 by Kaspersky Lab, whose products detect the threat as Trojan-SMS.AndroidOS.Svpeng.

According to Group-IB, the Russian cybercriminals first started stealing money from their victims’ accounts by using SMS banking. The malware intercepted all SMS messages on the infected phone and then used SMS banking to send commands for money transfers. The malware intercepted the payment confirmation codes to ensure that the transfer could be completed without raising suspicion.

For distribution of this malware, a fake link of Adobe Flash Player was sent via SMS texts. The link would allow downloading of the Trojan and scan for particular American banking apps such as those of Wells Fargo, Citi Amex, Chase and Bank of America but there is no proof about the purpose of the app after performing scanning.               

Colombian hacker gets 10 years in jail for spying



A Colombian court sentenced hacker Andres Sepúlveda to 10 years in prison after he admitted to various crimes, including spying on the government’s peace talks with the Revolutionary Armed Forces of Colombia (FARC). He admitted to spying on representatives of both the government and the FARC guerilla during peace negotiations.

The Internet pirate was arrested in May 2014 after being traced to secret offices that hacked confidential information and messages, including one whose objective was to sabotage the peace process.
 
According to the sentence handed down by the 22nd Presiding Court of Bogota, he was judged guilty of five crimes including, espionage, illegal wire-tapping, malicious use of software, breaching communications, and unauthorized access to classified information. He must also pay a fine of his current monthly minimum salaries as part of the agreement.
Sepulveda intercepted the communications of top-ranking FARC Commander Rodrigo “Timochenko” Londono and former Senator Piedad Cordooba.

According to the investigation, then-presidential candidate Óscar Iván Zuluaga hired Sepúlveda to carry out a smear campaign against President Juan Manuel Santos during the 2014 presidential campaign. The hacker told authorities that former President Álvaro Uribe was aware of his operations, and that Zuluaga paid him to undermine the peace process.

Sepúlveda has accepted the prosecution's offer of a reduced penalty in exchange for his cooperation. He cut a deal with the prosecutors in February that limited his prison term to 10 years in exchange for providing information that could help Colombian authorities.

Three suspects arrested in china for spreading WireLurker malware


Now a days, any mention of malware and Macs in the same setting generally conjures up images of WireLurker. It was notable as a new family of malware specifically targeting iOS devices via USB and is able to penetrate the iPhone's strict software controls.

WireLurker has been in action in China for the past six months, first infecting Macs by inserting Trojan software through repackaged OS X apps, then moving on to iOS devices. The firm claims that it is the first to automate generation of malicious iOS apps by implementing a binary file replacement attack.

Security experts at Palo Alto Networks traced WireLurker in a research paper saying "It is the biggest in scale we have ever seen! “. WireLurker can jump from a Mac onto an iPhone running a vanilla version of Apple's operating system by leveraging Apple's enterprise provisioning assets.

The WireLurker attackers "probably aren't people who do this often," says Ryan Olson, intelligence director of Palo Alto Networks' Unit 42. They are "clearly very skilled MacOS or iOS developers," but they definitely are not very experienced in writing malware.

With Apple's global smart phone market share continues to rise, so do the number of attempts to surreptitiously harvest data from unsuspecting consumers. As for who created WireLurker, Palo Alto's best guess is that this is one individual or a small group of individuals operating within China, independently of any nation-state. They could be a startup malware house in the new financially motivated, politically independent cybercrime underground growing behind the Great Wall.

Taking advantage of an app provisioning vulnerability, WireLurker lays dormant on a user's computer in an infected OS X app. The malware monitors for new iOS devices and installs malicious apps downloaded from an off-site server or generated autonomously on-device. From there, the program can access user information like contacts, read iMessages and perform other functions determined by the command-and-control server.

So far, 467 OS X apps have been infected and distributed through China's third-party Maiyadi App Store, with downloads totaling over 356,104 possibly impacting "hundreds of thousands of users."

While many publications have dubbed WireLurker “a new brand of threat,” it seems that the majority of users have nothing to worry about. It’s relies on a USB connection for delivery—a practice that has gone by the wayside for most folks in recent years.

On November 14, the Beijing Municipal Public Security Bureau announced it had arrested three people in connection with the WireLurker malware which brought a sense of relief among Apple users of China.

The police received a tip from the Chinese technology company Qihoo 360 and subsequently arrested three individuals, respectively surnamed Chen, Li, and Wang.

The third-party app store that had been serving WireLurker, Maiyadi, was also shut down. Apple has already taken steps to block infected programs but the rest of the work rests on users.

Author:
Medha Anand

Alleged "NullCrew" Hacker arrested by FBI

FBI has arrested a 20-year-old Tennessee man for allegedly conspiring to launch cyber attacks on a number of businesses and educational organizations.

Timothy Justin French, known online as 'Orbit', is believed to be part of the famous hacking group "NullCrew".  The group is best known for its hacking attacks against World Health Organization and PBS.  Earlier this year, the group also hacked into Bell Canada website.

According to the DOJ, the FBI with the help of 'confidential witness' approached members of the Nullcrew Team on Skype, Twitter and CryptoCat.

After gaining their trust, Fed's inside man engaged them in conversations that includes discussions on past,present and future attacks and their hacking techniques.

The FBI used the information gathered by witness to track the IP address of one of the computers used in some of the NullCrew attacks.

"The computer hacking charge in this case carries a maximum sentence of 10 years in prison and a $250,000 fine. If convicted, the court must impose a reasonable sentence under federal statutes and the advisory United States Sentencing Guidelines."

Two Anonymous hackers arrested by Australian Police

After a lengthy investigation, two people believed to be members of Anonymous hacker group have been arrested for allegedly hacking into government and corporate websites.

Police says a 40-year-old man from Western Australia has been charged with hacking into Melbourne IT Ltd's computer network in Brisbane and Indonesian government web servers, Australian Broadcasting Corporation reports.

The 18-year-old man from Penrith was charged with hacking into NetSpeed ISP located in Canberra and ACT Long Service Leave Authority.

These two were reportedly involved in several cyber attacks which includes modifying the content of websites and disrupting access to many websites by launching Distributed Denial of service(DDoS) attacks.  These attacks date back to 2012.

A number of computer hard drives and other computer equipments from the suspects' house have been seized by Police.  

Two Students arrested for hacking into School System to change Score

Two students from a college in Shanghai's Songjiang District have been arrested for allegedly breaking into their school's computer systems to change their grades.

The college students named Chen and Zhang didn't attend the morning physical education class regularly.  So, they decided to break into the college's system and change their scores in December 2013.

After students heard about their successful effort, other students turned to them for help.

According to Shanghai Daily report, they charged 15 yuan to 20 yuan for each change they made in school's database.

They earned more than 80,000 yuan(more than $12,000) by helping over 200 students.

The school noticed the false records in March and fixed the vulnerability that allowed them to change the scores. 

18-year-old Miami Student arrested for hacking school computer to change grades


Hacking School's computer network and changing the Grade is not the right way to get good Grades

A 18-year-old Miami High School student was arrested after he allegedly hacking into the Miami-Dade Public Schools database to his grades and grades of four other students.

Jose Bautista, was charged with multiple counts including intellectual property offence and offense against computer users, after he reportedly gave Princiapal a written confession.

He was released on a $20,000 bond.  Judge ordered him to place him under house arrest and wear a GPS tracking device.

"It's not fair to the people that really try," said Mayan Dehry, a senior student at the school."I don't know, if you're just going to be lazy and then change your grades, that's not what learning is about."

Hacker arrested for exploiting HeartBleed vulnerability to steal information

A 19-year-old computer science student has been arrested by the Royal Canadian Mounted Police (RCMP) and accused of stealing personal data by exploiting the "HeartBleed" vulnerability.

HeartBleed, the bug that left the Internet vulnerable, is a recently uncovered security flaw in the popular open-source encryption library(OpenSSL) which allows attackers to read memory of the server running vulnerable OpenSSL - means attacker can steal sensitive information.

Stephen Arthuro Solis-Reyes from London, Ontario, accused of exploiting HeartBleed bug to steal sensitive information from servers of the Canadian Revenue Agency(CRA), according to RCMP.

During the Police raid, his computer was seized by Canadian police.  He is scheduled to appear in court in Ottawa on July 17.

The arrest came after CRA announced that someone exploited the HeartBleed bug to steal 900 Social Insurance numbers of taxpayers.  The agency had shut down its site temporarily to prevent further attacks.

"The RCMP treated this breach of security as a high priority case and mobilized the necessary resources to resolve the matter as quickly as possible." Assistant Commissioner Gilles Michaud said in a statement.

"Investigators from National Division, along with our counterparts in “O” Division have been working tirelessly over the last four days analyzing data, following leads, conducting interviews, obtaining and executing legal authorizations and liaising with our partners".

9 charged for stealing millions of dollars with Zeus Malware

The Zeus malware is one of the most damaging pieces of financial malware that has helped the culprits to infect thousands of business computers and capture passwords, account numbers and other information necessary to log into online banking accounts.

U.S. Department of Justice unsealed charges against nine alleged cyber criminals for distributing notorious Zeus malware to steal millions of dollars from bank accounts.

Vyachesla V Igorevich Penchukov, Ivan Viktorvich Klepikov, Alexey Dmitrievich Bron, Alexey Tikonov, Yevhen Kulibaba, Yuriy Konov Alenko, And John Does are charged to devise and execute a scheme and artifice to defraud Bank Of America, First Federal Savings Bank, First National Bank Of Omaha, Key Bank, Salisbury Bank & Trust, Union Bank And Trust, And United Bankshares Corporation, all of which were depository institutions insured by the Federal Deposit Insurance Corporation.

They are also accused to use Zeus, or Zbot, computer intrusion, malicious software, and fraud to steal or attempt to steal millions of dollars from several bank accounts in the United States, and elsewhere.

It has also been reported that defendants and their co-conspirators infected thousands of business computers with software that captured passwords, account numbers, and other information necessary to log into online banking accounts, and then used the captured information to steal millions of dollars from account-holding victims' bank accounts.

Account holding victims include Bullitt County Fiscal Court, Doll Distributing, Franciscan Sisters Of Chicago, Husker Ag, Llc, Parago, Inc., Town Of Egremont, And United Dairy...


They have also been given notice by the United States of America, that upon conviction of any defendant, a money judgment may be imposed on that defendant equal to the total value of the property subject to forfeiture, which is at least $70,000,000.00.

The United States of America has also requested that trial of the case be held at Lincoln, Nebraska, pursuant to the rules of this Court. The Metropolitan Police Service in the U.K., the National Police of the Netherlands’ National High Tech Crime Unit and the Security Service of Ukraine are assisting the investigation.