Rock Center
It was a crime of staggering sophistication by computer hackers who figured out a new way to get rich.
In a case that became known as Trident Breach, the hackers stole $70 million from the payroll accounts of some 400 American companies and organizations – all from the safety of their homes in Eastern Europe.
“I think it’s the perfect definition of organized crime,” said FBI Executive Assistant Director Shawn Henry. “It’s very well organized. It’s very well-structured. It requires many people operating in unison, in a collaborative way.”
At the beginning of 2008, the group of hackers compromised hundreds of thousands of Americans' computers using a malicious program, a Trojan, called ZeuS. When computer users opened certain e-mail attachments or clicked on links in e-mails, ZeuS infected their computers.
ZeuS is designed to harvest users' banking credentials. It hooks into the victim's web browser, so it recognises when the user visits a bank website; it then captures the username and password as they are typed and submitted (it includes a keystroke logger and also grabs the contents of login forms) and reports them to a server the hackers control, which can in turn alert the waiting hackers by instant message. With those credentials, the hackers can log in to the compromised accounts themselves.
Henry is one of the country's top cybercrime fighters. He says Americans are increasingly vulnerable to "virtual gangs" preying on the personal data stored on their computers.
“We have organized groups that have developed internationally where groups of people have come together, each with a very specific capability and skill, who have never met each other in the physical world, but they meet online in a collaborative way,” he said.
Henry says that the security breaches have the potential to be more than just criminal acts. They could pose a national security risk.
“There are foreign intelligence services that are aggressively pursuing American technology. They’re aggressively pursuing American strategy. They’re looking at the American military, the American consumer, the American corporations, research and development organizations, laboratories, educational facilities,” Henry said. “The amount and value of data that is on the network is at an unprecedented level. Our adversaries know that that data is there. It’s information and information is valuable."
Money Mules Help Hackers Get $70 Million
In the Trident Breach case, the hackers were able to get their hands on the cash by turning people into money mules.
Beginning in late 2008, they recruited some 3,000 money mules, many of them unwitting Americans, by luring them into work-at-home jobs that required the "employees" to open bank accounts.
“The first money mule activity we started seeing was people who would receive an email saying, ‘You can get a work-at-home job’ and the work-at-home job would be something like transaction manager for an international company,” said Prof. Gary Warner of the University of Alabama at Birmingham, who teaches a program that combines computer forensics and justice studies.
Warner is also a member of the little-known FBI-affiliated group called InfraGard, comprising some 50,000 members across the United States who keep an eagle eye on U.S. critical infrastructure: power plants, water supply, security and financial services…and the internet. Warner said the hackers transferred cash from the businesses' payroll-type ACH (Automated Clearing House) accounts to the mule accounts, and the mules sent the cash on to Eastern Europe by Western Union or MoneyGram, keeping an eight or 10 percent commission.
Warner said that when the banks started to get wise to the hackers' work-at-home schemes and set up roadblocks, the hackers recruited dozens of students, mainly from southern Russia, as a new breed of money mule.
“It’s still a little gray whether the students who were recruited knew that they were being recruited for crime,” Warner said.
The hackers obtained fake passports and U.S. J-1 work/study visas for the students and packed their new mules off to the United States. The students opened multiple bank accounts, mainly in the New York area, into which the stolen cash was deposited. Then, just as the mules before them had, they wired the cash back to their bosses.
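The payout leg described above has a signature a payroll operator can look for before a batch is released. The following Python is an added example, not code from the article, from UAB or from the FBI, and it rests on one assumption stated here and in the comments: mules were paid by inserting their accounts into a victim company's payroll-type ACH batch, so a mule shows up as a beneficiary account with no payment history. The batch data, routing numbers, names and amounts are all constructed for illustration; the check generalises to any batch format you can reduce to (routing, account, name, amount) rows.

```python
import csv
import io
from decimal import Decimal

# Constructed payroll history: two earlier batches for the same three employees.
# Columns: routing number, account number, payee name, amount (all illustrative).
HISTORY_CSV = """routing,account,name,amount
021000021,1001,A. Smith,2450.00
021000021,1002,B. Jones,3100.00
011000015,1003,C. Lee,2875.50
021000021,1001,A. Smith,2450.00
021000021,1002,B. Jones,3100.00
011000015,1003,C. Lee,2875.50
"""

# Constructed current batch: the same three employees plus two accounts that
# have never been paid before (the shape a fraudulently added mule would have).
CURRENT_CSV = """routing,account,name,amount
021000021,1001,A. Smith,2450.00
021000021,1002,B. Jones,3100.00
011000015,1003,C. Lee,2875.50
026009593,7781,D. Novak,4900.00
026009593,7782,E. Petrov,4850.00
"""


def parse_batch(text):
    """Parse a CSV batch into dicts; amounts become Decimal so cents stay exact."""
    rows = []
    for row in csv.DictReader(io.StringIO(text)):
        rows.append({
            "routing": row["routing"].strip(),
            "account": row["account"].strip(),
            "name": row["name"].strip(),
            "amount": Decimal(row["amount"].strip()),
        })
    return rows


def payee_history(history):
    """Index prior batches two ways: which names each account was paid under,
    and which accounts each name has been paid into."""
    by_account, by_name = {}, {}
    for e in history:
        key = (e["routing"], e["account"])
        by_account.setdefault(key, set()).add(e["name"])
        by_name.setdefault(e["name"], set()).add(key)
    return by_account, by_name


def flag_batch(batch, history):
    """Return (entry, reason) for every entry that departs from the history.
    Known account paid under a known name is the only combination that passes."""
    by_account, by_name = payee_history(history)
    findings = []
    for e in batch:
        key = (e["routing"], e["account"])
        if key in by_account:
            if e["name"] not in by_account[key]:
                findings.append((e, "known account, different payee name"))
        elif e["name"] in by_name:
            # Could be a legitimate bank change; still worth a phone call.
            findings.append((e, "known payee, new account"))
        else:
            findings.append((e, "new payee and new account"))
    return findings


def summarize(batch, history):
    """Totals a reviewer would want before releasing the batch."""
    findings = flag_batch(batch, history)
    total = sum(e["amount"] for e in batch)
    to_flagged = sum(e["amount"] for e, _ in findings)
    return {
        "entries": len(batch),
        "flagged": len(findings),
        "total": total,
        "to_flagged": to_flagged,
        "flagged_share": (to_flagged / total) if total else Decimal(0),
    }


if __name__ == "__main__":
    hist = parse_batch(HISTORY_CSV)
    cur = parse_batch(CURRENT_CSV)
    for e, reason in flag_batch(cur, hist):
        print(f"HOLD {e['routing']}/{e['account']} {e['name']:<10} {e['amount']:>9}  {reason}")
    print(summarize(cur, hist))
```

Run against the constructed batch it holds the two never-seen accounts, which between them would carry more than half of the batch's money. In practice the hold should be enforced out of band (a second person, a phone call to the employee) rather than inside the same web session, since the article's point is that the attacker already controls that session.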
University Professor Helps FBI Crack Cybercrime Case
So stealthy was their ZeuS operation that neither the hackers nor the mules had counted on getting caught. But, using complex data mining techniques, Prof. Warner established links between ZeuS-infected computers and traced the origins of the mass infection to Ukraine, and many of the hackers and their mules were caught.
But 18 mules remained at large in the United States. After the FBI published a wanted poster of these students, Warner's students began using what they had learned in class to track the criminals.
“So the students used the techniques we had taught them during investigating online crime [class] and began crawling Facebook pages and VKontakte, which is a Russian version similar to Facebook and were able to quickly identify profile pages of almost all of them, at-large mules,” Warner said.
Warner's students discovered that one of the students-turned-mules had brazenly posted pictures of herself with a wad of hundred-dollar bills. Another had posted a picture of himself dressed in an "I ❤ New York" top, arms aloft, celebrating in a bar with his friends, some of whom turned out to be other money mules. And another was pictured standing next to the new car he had presumably just bought.
Though all the mules but one were arrested, that does not necessarily mean the end of the money mules, says Gary Warner.
"ZeuS infections are rampant still today. There are probably millions of computers in the United States that have active ZeuS on their machines right now," Warner said.
Roger: That's YOU'RE invincible.
Don't try to appear intelligent with your comments, and then make a 2nd grade level grammar error. It makes you appear naive, unintelligent, and foolish.
You are right, excuse my one error. I use the slang all of the time. What can I say, I'm old!
Does it matter what OS anyone was using that got the virus? Please don't tell me you are invincible to a virus because of your iOS or Linux. You obviously don't know a thing about them if you do. Just because the 3 people who use one or the other have not gotten a virus does not mean they can not. Lammer!
I am still a bit hazy on the pay these students received for their work. Did the FBI pay them or get this work done for free? If the students' work was for free, then who is stealing from whom?
I'd say they probably got an A on their lab work and can put "assisted in solving $70,000,000 international cybercrime spree with US FBI" onto their resume. Nice way to start life as a computer guru.
Lucky for the students they now have something on their resume. CyberSec students are pouring out of colleges with zero experience, and nobody is hiring them. Entry level jobs are going to experienced people. If you're crazy enough to graduate before you get an internship you soon discover the government and large corporations won't consider you for an internship, even if you graduated summa cum laude. You're done? Great, now you're a second class citizen. And if you have zero experience good luck trying to break into this clique.
In regard to your last question, yes, the kids didn't get paid, which is what all corporations want these days. Something for nothing, corporate welfare with the backing of the RNC and CPAC.
John Robert....I am always amazed that people demand to know who got what for this or that....People often just cooperate and try to do the right thing without demanding.....but I doubt that you would understand anything like that...
Compensation is compensation, but if I had the skills and the FBI came to me for help solving this specific case, knowing that I am helping America be more secure by solving this case, I would have done it for free. This is not bad, considering other agencies such as the CIA go to different countries and pay people of interest to defect. I would rather have the integrity on this one for free.
Sure wish they would crack this guy while they're at it,
When will our people start stealing from Europe? We have to catch up. Come on guys, show some American pride, get in the game. Bring home the bacon, kick some ass. They have lots of goats and cabbages over there, go get some.
Well so far all we have been able to break into was Greece.......and it was empty.
For Windows or maybe Mac folks, do you want to secure your bank info and surf in peace? Well, just get a Linux/FreeBSD virtual machine installed in your Windows/Mac box (I'm not telling you to get rid of your lovely OS), and whenever you want to do a transaction or use your credentials on some sites, just turn on your VM.
FYI: using Linux is not rocket science.
Virtual machine? Is this really safe or just more BS?
Not the VM itself; I'm saying run a Unix/Linux-based OS in a VM if you don't want to get rid of your Windows.
Using a VM can also be safe, but that's a different subject. If the VM's OS gets infected and you don't store data in it, of course revert it to the original snapshot.
You can use VMware Player or VirtualBox to host your OS, and both are free.
Does convenience equal complacency? So many people use the Internet for banking and other financial purposes but know little and assume much about the privacy and protection of their accounts. Check with reputable computer techs about which system of security is best for how you use your computer.
Thank you
CSWI and Mathew, Houston, TX
You are the only people with intelligent and useful postings.
I work daily on customers' PCs that open email attachments and get attacked. When will people learn that email attachments are dangerous unless you know the person sending them well? NEVER, I expect.
Great job everyone and thank you!!!
Now hopefully we can get past the OS debate and get back to the article at hand, "these students' hard work paying off"... maybe, idk, just a thought.
What is up with the bank accounts? It takes a friggin' act of Congress for an American citizen to open a post office box at the post office!!! When did Bruce Willis start working for the FBI? Look at the pic above LOL
Great work by students and prof. I am convinced they accomplished this precisely by being outside the bureaucratic and corporate machinery in which hackers so easily dive for our most personal and prized information. Basically, if Bank of America, Citi, Wells Fargo, etc were required to protect their customers with a small portion of their profits, "hackers" would be few and far between.
Hoorah! for the new generation of crime fighters. Our universities are turning out some good people.
I think these students should be well rewarded to encourage more students to crack these commie thieves. And yes, they are leftovers from the old regimes. I was in Ukraine a few years ago and nobody trusts anyone.
Here's the problem with the PC vs. Mac debate... Let's say everyone switches to Mac. Guess what, now all the hackers are going to write viruses for Macs and the PC will now be virus free... The reason hackers target PCs is not because it's easier to write viruses for them, it's because that's what the majority of people use. If this popularity shifted to the Mac, then the Mac would be the #1 target for viruses.... Same thing with Linux systems....
I have to wonder about all the money we spent on the NSA, which is reportedly recording every word, phrase and whisper for analysis. Do they not worry about the transfer of $70m to potential terrorists? What about all that money being spent in Utah for a state-of-the-art bottomless storage facility?
Do the students get extra credit?
I would think so. It's earned.
Hacking is like stealing from the cookie jar -- society at large makes it so easy.
YES! YES! YES! My own experience is that degrees and certifications are not held or kept up to date by most large corporations' IT folks (let's not even discuss public entities). Which means whatever you work with is worthless unless the Board has the slightest respect for and command of fulfilling customer needs, in this case protection of privacy. This shouldn't be an IT argument; this should be a consumer protection argument.
This comment section was about internet fraud, until Billionaire Bill's trolls showed up.
Huh? You don't track clearly.
Didn't catch the ones in Mexico yet. Nice little chip in cybercrime.
Great Job. Good looking out. Law enforcement should hire these guys and gals.
Wow, I love computers.
I am sure the FBI worked hand in hand with these geeks; not. Just taking credit for it.
There was a time when you couldn't have paid me to use a Mac. Then my wife bought one. Within a year it became mine, and she is looking at a Mac Air. I have owned many PCs over the years, and suffered all the usual problems. They all suffered issues within 3 1/2-ish years (or less) and needed to be replaced. I've had the Mac I'm using to type this comment for 5 years now, and it has never blue-screened on me, never crashed, and still runs just as well as it did when I bought it. I'll never buy another PC again, and no, I'm not an artist either.
So many think Macs are just for artists or creative people. That's just BS. I can interact with Windows products such as MS Office just as easily as anyone with a PC. And I've NEVER had a virus affect my Mac.
I also love the crap I get about my Prius. I laugh all the way to the bank.
Next thing you know, we'll use Virtual Machines to do our secure business; or work the other way around and treat them as our sandbox.
For instance, run a Chromium or a Linux virtual machine for non-secure browsing. Download some malware and ensure there is no file-sharing between VM and client and hope it's sufficient.
VMware Player is free (as is VirtualBox) and hexxeh has some free Chromium builds. You can install many Linux flavors for free as well. However, someone is going to have to set it up for the people who keep falling for classical malware...
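Two commenters above (the one recommending a Linux/FreeBSD VM reverted to its snapshot after each use, and the one insisting on no file sharing between VM and host) describe the same procedure without showing how to make it repeatable. The Python below is an added example, written for this page and not posted by either commenter or taken from VirtualBox's own tooling: it wraps VirtualBox's VBoxManage command line so that a banking VM is always rolled back to a known-good snapshot, has its clipboard, drag-and-drop and permanent shared folders disabled, runs until the user powers it off, and is rolled back again afterwards. The VBoxManage subcommands and the `--clipboard-mode`/`--draganddrop` flags are VirtualBox's own (flag spelling as in VirtualBox 6.1 and later); the VM name `banking-linux`, the snapshot name `clean`, and the `ScriptedRunner` test double that lets the script be exercised without VirtualBox installed are all assumptions made for the example.

```python
import subprocess
import sys
import time

VBOXMANAGE = "VBoxManage"   # assumed to be on PATH
VM_NAME = "banking-linux"   # assumed VM name
SNAPSHOT = "clean"          # assumed name of the known-good snapshot


def vbox(args, runner=subprocess.run):
    """Run one VBoxManage command and return its stdout. `runner` is injectable
    so the control flow can be exercised (see ScriptedRunner) without VirtualBox."""
    proc = runner([VBOXMANAGE, *args], capture_output=True, text=True, check=True)
    return proc.stdout


def vm_info(vm, runner=subprocess.run):
    """Parse `showvminfo --machinereadable` (key="value" lines) into a dict."""
    info = {}
    for line in vbox(["showvminfo", vm, "--machinereadable"], runner).splitlines():
        key, sep, value = line.partition("=")
        if sep:
            info[key] = value.strip('"')
    return info


def harden(vm, runner=subprocess.run):
    """Cut the host<->guest channels the comments warn about: clipboard,
    drag-and-drop and every permanent shared folder. Returns the folders removed."""
    vbox(["modifyvm", vm, "--clipboard-mode", "disabled", "--draganddrop", "disabled"], runner)
    removed = []
    for key, name in vm_info(vm, runner).items():
        if key.startswith("SharedFolderNameMachineMapping"):
            vbox(["sharedfolder", "remove", vm, "--name", name], runner)
            removed.append(name)
    return removed


def banking_session(vm=VM_NAME, snapshot=SNAPSHOT, runner=subprocess.run,
                    poll=5, sleep=time.sleep):
    """Roll the VM back to its clean snapshot, harden it, run it until the user
    powers it off, then roll it back again so nothing from the session survives.
    Returns the number of times it had to wait for the VM to stop."""
    state = vm_info(vm, runner).get("VMState")
    if state not in ("poweroff", "aborted"):
        raise RuntimeError(f"{vm} is in state {state!r}; power it off first")
    vbox(["snapshot", vm, "restore", snapshot], runner)
    harden(vm, runner)
    vbox(["startvm", vm], runner)
    polls = 0
    while vm_info(vm, runner).get("VMState") not in ("poweroff", "aborted"):
        sleep(poll)
        polls += 1
    vbox(["snapshot", vm, "restore", snapshot], runner)
    return polls


class ScriptedRunner:
    """Test double standing in for subprocess.run (an assumption for the example):
    records every command, and answers showvminfo with a VM that is off, reports
    'running' for `running_polls` polls after startvm, then reports poweroff."""
    def __init__(self, running_polls=2, shared=("host_docs",)):
        self.calls, self.started, self.left = [], False, running_polls
        self.shared = shared

    def __call__(self, argv, **kwargs):
        self.calls.append(argv[1:])
        out = ""
        if argv[1] == "startvm":
            self.started = True
        elif argv[1] == "showvminfo":
            if self.started and self.left > 0:
                self.left -= 1
                state = "running"
            else:
                state = "poweroff"
            lines = [f'VMState="{state}"']
            lines += [f'SharedFolderNameMachineMapping{i}="{n}"'
                      for i, n in enumerate(self.shared, 1)]
            out = "\n".join(lines) + "\n"
        return subprocess.CompletedProcess(argv, 0, stdout=out, stderr="")


if __name__ == "__main__":
    dry = "--dry-run" in sys.argv
    runner = ScriptedRunner() if dry else subprocess.run
    banking_session(runner=runner, sleep=(lambda s: None) if dry else time.sleep)
    if dry:
        for call in runner.calls:          # show the VBoxManage sequence it would issue
            print(" ".join([VBOXMANAGE, *call]))
```

Run it with `--dry-run` to see the command sequence without touching VirtualBox; without the flag it drives the real VM. The rollback only protects credentials typed inside the guest: a keylogger already running on the host, which is where ZeuS in the article lives, still sees every keystroke sent to the VM window, so this is a defence for a host you believe is clean, not a cure for one that is not.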