dia.dia.diyah: Cyberthieves rely on human foot soldiers

RSS FEED

TWITTER

Cyberthieves rely on human foot soldiers

22.39

Diyah Patimah , 0 Comments

Sitting at computer somewhere overseas in January 2009, computer hackers went phishing.

Within minutes of casting their electronic bait they caught what they were looking for: A small Michigan company where an employee unwittingly clicked on an official looking email that secretly gave cyberthieves the keys to the firm’s bank account.

Before company executives knew what was happening, Experi-Metal Inc., a suburban Detroit manufacturing company, was broke. Its US$560,000 bank balance had been electronically scattered into bank accounts in Russia, Eastonia, Scotland, Finland and around the US.

In August, the Catholic Diocese in Des Moines, Iowa, lost about $680,000 over two days.

The diocese and the Detroit company were among dozens of individuals, businesses and municipalities around the country victimized by one of the largest cybertheft rings the FBI has uncovered.

In September, the bureau and its counterparts in Ukraine, the Netherlands and Britain took down the ring they first got wind of in May 2009 when a financial services firm tipped the bureau’s Omaha, Nebraska, office to suspicious transactions. Since then, the FBI’s Operation Trident Breach has uncovered losses of$14 million and counting.

Overall in the last two years, the FBI has opened 390 cases against schemes that prey on businesses that process payments electronically through the Automated Clearinghouse, which handles 3,000 transactions every five seconds. In these cases, bureau agents have uncovered thefts totaling $220 million and actual losses of $70 million.

But the court records of Operation Trident Breach reveal a surprise: For all the high-tech tools and tactics employed in these computer crimes, platoons of low-level human foot soldiers, known as “money mules”, are the indispensable cogs in the cybercriminals’ money machine.

A dozen FBI criminal complaints filed in New York provide an inside look at how this cybertheft ring worked: Operation from Eastern Europe and other overseas locations, the thieves used malicious software, known as malware, to infect the computers of unsuspecting users in the United States by email.

The malware-infected emails were written to look like they come from company manager or colleague who might send an email message to everyone in company, such as the head of human resources.

When the email recipient clicked on an embedded link to a website or opened an attachment, a Trojan horse virus called Zeus installed itself and gathered usernames, password and financial accounts numbers typed by victims on their own computer. The hackers then used this information to move the victims’money electronically into bank accounts set up in the United States by money mules.