Slashdot Mirror

← Back to Stories (view on slashdot.org)

Gang Arrested For Stealing Millions Using ZeuS

Posted by CmdrTaco on from the they-own-a-bar-in-philly-too dept.

Orome1 writes "Nineteen people were arrested yesterday in the UK and are suspected of being part of an Eastern European gang that used the ZeuS Trojan to steal online banking credentials from unsuspecting victims and siphon around £2 million per month to their accounts."

17 of 66 comments (clear)

  1. why not by rossdee · · Score: 3, Funny

    Religions have been using to steal money from the believers for thousands of years, its about time the ancient Greeks had a go at it...

  2. Re:FREE KEVIN by mapkinase · · Score: 3, Informative

    Usually "mob" refers to organizations with more diversified activities, traditionally including prostitusion, drugs, racketeering.

    I do not see any reference in the OA to other criminal activities.

    I would not even call it a "gang", which is now reserved to groups united not only by the trade, but also some ideological hocum on top of it.

    It's just a small criminal organization, that's it.

    --
    I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
  3. Re:Shouldn't Software Houses Be Held Accountable? by Spad · · Score: 5, Insightful

    Why though? If Joe User is dumb enough to run "JustinBieberNaked.exe" as root/admin/whatever then no amount of OS security will prevent the machine from being compromised. The weakest point of any system is always between the keyboard and the chair.

    Now if you're talking clear negligence in not fixing known issues, etc. then perhaps you have a case, but then why drawn the line at big companies, surely everyone should be equally liable even if they're a one-man operation working out of their bedroom?

  4. Re:FREE KEVIN by Narcocide · · Score: 5, Funny

    It's just a small criminal organization, that's it.

    I think the word you're looking for is "company."

  5. Re:Shouldn't Software Houses Be Held Accountable? by boneclinkz · · Score: 2

    Shouldn't software houses of that magnitude be held accountable for at least something like this?

    Absolutely not.

  6. Re:Shouldn't Software Houses Be Held Accountable? by Narcocide · · Score: 2, Informative

    Yes, despite an EULA that disavows them from any responsibility they actively market to the government, the military, and other purveyors of critical infrastructure and flat-out *lie* about its suitability for these purposes. This is criminal activity and should be addressed. At the very least there should be a warning label on the box - something like the government requires on other hazardous consumer goods like alcohol, tobacco, pesticides and household cleaners.

  7. Re:Shouldn't Software Houses Be Held Accountable? by Errol+backfiring · · Score: 2, Insightful

    Should builders be accountable if your back door can be cracked with a simple crowbar? Breaking in is easier then keeping things or people out. In fact, it is so difficult to keep people out, that security is only added for "too easy" breaches. And then raised as necessary. And off course it must be used wisely. For a lot of vulnerabilities, you still have to invite the vampire in first.

    --
    Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
  8. Re:Shouldn't Software Houses Be Held Accountable? by darpified · · Score: 2, Informative

    Some accountability for their software, but this isn't the time or place for it. How many of these were cases of the user of the OS doing something stupid? At some point the user of the device needs to be held accountable for not properly patching/updating the device. If the software is something truly important, Space Shuttle O2 system, nuclear power plant, etc... Yes, they should be accountable for defects, but not because Facebook User #2,290,231 clicks on a malicious advertisement and gets malware installed because he didn't patch.

  9. Re:FREE KEVIN by mcgrew · · Score: 2, Informative

    Mob: 1 : a large or disorderly crowd; especially : one bent on riotous or destructive action
    2 : the lower classes of a community : masses, rabble
    3 chiefly Australian : a flock, drove, or herd of animals
    4 : a criminal set : gang; especially often capitalized : mafia 1
    5 chiefly British : a group of people : crowd

    Gang a (1) : a set of articles : outfit
    (2) : a combination of similar implements or devices arranged for convenience to act together
    b : group: as
    (1) : a group of persons working together
    (2) : a group of persons working to unlawful or antisocial ends; especially : a band of antisocial adolescents
    2: a group of persons having informal and usually close social relations

    Id say that "mob" and "gang" or used correctly, according to the dictionary, regardless of how you "usually" see it.

    --
    Free Martian Whores!
  10. Re:Shouldn't Software Houses Be Held Accountable? by markusre · · Score: 2, Interesting

    My heart tells me to bash MS, too.
    But in this case..... heres my login message:

    "Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
    permitted by applicable law."

    So in this case Debian(and i think this is true for most linux distributions) is similar to windows.
    Please note that i refer to the notice, that it's not responsible and NOT to the actual amount of security issues.

  11. Primer on how to get caught. by Freddybear · · Score: 2, Interesting

    Grabbed too much. Set off flags at the banks. Did the deed from a traceable location. And then kept on doing it until the cops showed up.

    1. Re:Primer on how to get caught. by Mattpw · · Score: 2, Interesting

      Many ZeuS packages have an option to remove the outgoing transactions from the user's browser as part of the MITB package, this includes changing the balance total to before the outgoing transactions were made so the user wont know until a paper statement turns up if one ever does as many banks are ditching paper statements in favor of browser based ones. And since they are now using the same trojan tactics on users mobiles to defeat mobile sms authentication I am sure you will see a Zeus mobile trojan upgrade to divert any calls made to the banks hotline number to an even more "helpful" team who will probably need even more user information "to get to the bottom of this please give us your..." /s

  12. Re:Shouldn't Software Houses Be Held Accountable? by Jurily · · Score: 2, Insightful

    You sound like a person blaming women being raped because she dresses sexy.

    The people we're talking about are not just dressing sexy, they're walking in a prison, pulling their pants down and yelling "Come and get it, boys!".

  13. ZeuS is now bypassing mobile SMS authentication by Mattpw · · Score: 2, Interesting

    More interesting news this week is the gang behind ZeuS, as predicted, have successfully integrated man in the middle attacks against mobile phone two-factor authentication schemes. http://securityblog.s21sec.com/2010/09/zeus-mitmo-man-in-mobile-i.html

  14. Oblig. by Bobb+Sledd · · Score: 2, Funny

    Opulence. I has it.

    --
    "They said I probly shouldn't fly with just one eye," "I am Bender. Please insert girder."
  15. you have a point... by KingAlanI · · Score: 2, Insightful

    in your commandline entries.
    If Linux gets more popular, porn.wmv.exe is just going to become porn.ogg.rpm or something.

    I don't think either of the sex analogies capture the "doing something stupid but don't know how stupid it is" essence.

    --
    I listen to both RIAA and non-RIAA stuff if I like the music, tangential business/politics nonwithstanding.
  16. Re:ITs a political show by turtleshadow · · Score: 2, Interesting

    Its a political show.

    It was a synchronized raid by e-crimes unit of the Yard + photojournalist

    It has the standard political trial the bad guy in the press pictures
    a) stackup of officers in body armor and battering ram -- check
    b) photos of the "crime scene ala the laptop" -- Check -- nice Orthodox icons BTW
    c) photos of the guilty being lead away in irons by the guard -- Check and Check

    It makes no mention of where the money went but only that the active criminals are caught. Some things to think about

    1) 2 M &#163 divided by 19 conspirators (unlikely if equally) is still four times the average wage in Britain and just over the top salary of an defective for the yard after 10 years.

    2) It doesn't mention what means the yard used. I mean the interception, the wire tapping and other means to know when the transaction was to occur-- to put doubt into the criminal mind?
    did the yard keylogger the keyloggers?
    did the yard just pay off for a tip?
    The yard could hide their means with the need for state secrecy unlike US courts --- until recently.
    Still want to take your mobile and net book on your holiday to London?

    3) I doubt they got Keyser Söze