Swiss authorities have arrested a Ukrainian national wanted by the Federal Bureau of Investigation (FBI) for 12 years for connections with a cyber-criminal group that stole tens of millions of dollars from bank accounts using malware named Zeus.
Vyacheslav Igorevich Penchukov was arrested in Geneva on Oct 23, 2022, and is now pending extradition to the US, reported independent security journalist Brian Krebs.
Penchukov was first named in a 2012 indictment by the US Department of Justice, together with Ivan Viktorvich Klepikov and Alexey Dmitrievich Bron, as one of the leaders of the JabberZeus Crew, a small cyber-criminal gang from Ukraine and Russia that attacked victims with a customized version of the Zeus banking Trojan.
“The indictment alleges that the ‘Zeus’ malware captured passwords, account numbers, and other information necessary to log into online banking accounts,” read the court document at the time. “The conspirators allegedly used the information captured by ‘Zeus’ to steal thousands and thousands of dollars from victims’ bank accounts.”
Two other members of JabberZeus, Yevhen Kulibaba and Yuriy Konovalenko, pleaded guilty in November 2014 after being arrested and deported from the UK. They were sentenced to two years and 10 months of incarceration a year later.
All members of the gang were accused of conspiracy to commit computer fraud and identity theft, conspiracy to participate in racketeering activity, aggravated identity theft and multiple counts of bank fraud.
The crew’s name derived from the malware they used, which was configured to send them a Jabber instant message every time a new victim entered a one-time password (OTP) code into a phishing page mimicking their bank.
According to Krebs, the JabberZeus gang primarily targeted small and mid-sized businesses, and its members were pioneers of so-called ‘man-in-the-browser’ attacks.
After accessing victims’ bank accounts, the hackers would modify the firm’s payroll to include dozens of ‘money mules’ who would handle bank transfers and forward any stolen payroll deposits abroad.
The original version of the Zeus banking Trojan was allegedly created by an anonymous individual known by the handle “blessed12345,” as per a Wired report from 2017.
The Zeus criminal group has now reportedly been dismantled, but several years later, banking Trojans remain a pressing issue in the cybersecurity community.
Some parts of this article are sourced from:
www.infosecurity-magazine.com