Rock Center
It was a crime of staggering sophistication by computer hackers who figured out a new way to get rich.
In a case that became known as Trident Breach, the hackers stole $70 million from the payroll accounts of some 400 American companies and organizations – all from the safety of their homes in Eastern Europe.
“I think it’s the perfect definition of organized crime,” said FBI Executive Assistant Director Shawn Henry. “It’s very well organized. It’s very well-structured. It requires many people operating in unison, in a collaborative way.”
At the beginning of 2008, the group of hackers compromised hundreds of thousands of Americans’ computers using a malicious computer “Trojan” bug called ZeuS. When computer users clicked on certain attachments and e-mail links, ZeuS infected their computers.
ZeuS is designed to zero in on users’ bank information. For example, when a user visits a bank website, ZeuS knows; and since it is a key logger program, it records the user's keystrokes as he or she enters usernames and passwords. It then sends that information by instant text message to waiting hackers, who then have access to the compromised accounts.
Henry is one of the country’s top cybercrime fighters. He says Americans are increasingly prone to “virtual gangs” preying on people’s personal data stored on their computers.
“We have organized groups that have developed internationally where groups of people have come together, each with a very specific capability and skill, who have never met each other in the physical world, but they meet online in a collaborative way,” he said.
Henry says that the security breaches have the potential to be more than just criminal acts. They could pose a national security risk.
“There are foreign intelligence services that are aggressively pursuing American technology. They’re aggressively pursuing American strategy. They’re looking at the American military, the American consumer, the American corporations, research and development organizations, laboratories, educational facilities,” Henry said. “The amount and value of data that is on the network is at an unprecedented level. Our adversaries know that that data is there. It’s information and information is valuable."
Money Mules Help Hackers Get $70 Million
In the Trident Breach case, the hackers were able to get their hands on the cash by turning people into money mules.
Beginning in late 2008, they created some 3000 money mules, many of them unwitting Americans, by luring them into work-at-home jobs requiring "employees" to open bank accounts.
“The first money mule activity we started seeing was people who would receive an email saying, ‘You can get a work-at-home job’ and the work-at-home job would be something like transaction manager for an international company,” said Prof. Gary Warner of the University of Alabama at Birmingham, who teaches a program that combines computer forensics and justice studies.
Warner is also a member of the little-known FBI-affiliated group called InfraGard, comprising some 50,000 members across the United States who keep an eagle eye on U.S. critical infrastructure: power plants, water supply, security and financial services…and the internet. Warner said the hackers transferred cash from business payroll-type "ACH" (Automated Clearing House) accounts to the mule accounts and the mules sent the cash by Western Union or MoneyGram to Eastern Europe, taking eight or 10 percent commission.
Warner said that when the banks started to get wise to the hackers’ work-at-home schemes, and set up roadblocks, the hackers then recruited dozens of students, mainly from southern Russia, to be a new breed of money mule.
“It’s still a little gray whether the students who were recruited knew that they were being recruited for crime,” Warner said.
The hackers obtained fake passports for the students, U.S. J1 work/study visas, and packed their new mules off to the United States. The students opened multiple bank accounts, mainly in the New York area, where they received stolen cash. Then, just as the mules before them had, they wired the cash back to their bosses.
University Professor Helps FBI Crack Cybercrime Case
So stealthy was their ZeuS operation, neither the hackers nor the mules had counted on getting caught. But, using complex data mining techniques, Prof. Warner established links between ZeuS-infected computers and traced the origins of the mass infection to Ukraine; and many of the hackers and their mules were caught.
But 18 mules remained at large in the United States. And after the FBI published a wanted poster of the students, Warner’s students began using what they’d learned in class to track the criminals.
“So the students used the techniques we had taught them during investigating online crime [class] and began crawling Facebook pages and VKontakte, which is a Russian version similar to Facebook and were able to quickly identify profile pages of almost all of them, at-large mules,” Warner said.
Warner’s students discovered one of the students-turned-mules had brazenly posted pictures of herself with a wad of hundred-dollar bills. Another had posted a picture of himself dressed in an “I ❤ New York” top, arms aloft, celebrating in a bar with his friends – some of whom turned out to be other money mules. And another was pictured standing next to the new car he had presumably just bought.
Though all the mules – except one – were arrested, that does not necessarily mean the end of the money mules, says Gary Warner.
“ZeuS infections are rampant still today. There are probably millions of computers in the United States that have active Zeus on their machines right now,” Warner said.

The "Techies and Nerds" should get like a 10% finders fee or reward or something for saving the day, and should be offered jobs in the F.B.I.'s cybercrime unit
Well Done
Why work for the FBI? They'll work for the banks and make better money. Justice is cheap.
Because I think most of these students are principled, ethical, and motivated to work for society rather than against it. Justice is NOT cheap.
These students are to be admired...On the other hand...Hackers and the virus spreaders I suspect were the same people who used to damage toilets and sinks in public restrooms....
an Apple a day keeps the viruses away!
root is disabled by default on Macs. That's the ticket.
If you are a hacker or running a robust network, Linux is the way to go! For just about everything else, Windows can't be touched. The gaming industry is what launched computing to the levels it's at today! Macs just can't come close when running these graphic and processor heavy applications!
As for hacking the various OS's, some guy just hacked a MAC in 10 seconds recently!
On the other hand, one of Windows' partners just leaked the latest security patch the day before it went out. This allowed the hacking community an entire day to cross-engineer that patch and find loopholes allowing them to exploit the security update as soon as it was released =)....
If someone wants in your machine, they're getting in! Anyone that thinks otherwise, you're only fooling yourself!
At last a way to tax corporations
I work in electronic crime and we see these scams daily. However, no one wants to take the cases. Not the FBI, not any federal body. Local law enforcement and state law enforcement stops at the state line. However, the Feds don't care if someone's lost 1500.00 or not. Think of how much information this group would have had if LE could have submitted the data to people actually using it.
How much faith should be placed in a professor who is on crack.
Evidently enough faith for the Authorities ! And what do you do to contribute to Society ? Just spew out negative B.S. ?
You really should be more tolerant.
I think this ought to be a required course in all US colleges. Harness the power of these students to thwart cybercrime! Put your education to good use!
This is a smoke screen,
Covering security,
Selling your data.
Awesome job ! Hats off to the Professor and his Students. Now they need to be paid for their trouble and time ! If the world had more people in it like these "Good Guys", we would all be a lot better off.
"The hackers obtained fake passports for the students, U.S. J1 work/study visas, and packed their new mules off to the United States"
So, with the crackdown on illegal immigration from Mexico, why and how did these students get to America with fake visas and passports???
I would start from the bottom and work my way up. We have an unwritten leniency with illegal immigration from European Countries. As long as they look white, we can overlook things like correct documentation and other legalities needed to come to the states. There is not "sophistication" in this crime other than we overlooked obvious clues that are picked up on in every other situation when the immigrants are anything other than white.
Kudos to the Professor and his students, good job done! Thumbs down to the people that think the OS is responsible for this problem, they are all written with code, same thing the hackers use to infiltrate it with.... I have written programs before and it only takes one character to change the function of that program..... And why is it when a discussion is brought up some dummy has to mention politics which have nothing to do with this article? If you are so dissatisfied with what is out there, grow some balls and do something about it instead of wearing your fingerprints out on a keyboard!
@CSWI my ex had a keylogger on my pc that recorded screenshots. So it really can happen where if your online bank has all of that security set up where you can still be hacked.
College students? Wait, aren't they all just a bunch of snobs?
There is no difference between these hackers and the GOP! They want to take your money and give it to the rich anyways. One way or another, you're going to lose it!
And honestly, who would fall for the "work from home and make 10k per month" scam????? You just have to know that something is shady about that business or everyone would be doing it. Common Sense anyone????
Evil minded, shameless, dis-respectful character--and not intelligent-- are these hackers entitlement! Especially those linked to their source of nature. Losers you are! ! ! ! Losers you've earned! ! ! ! At least you can do all of us a favor, send yourselves to the trash bin!
I never had that problem so I can't relate.
#1) I use windows 7.
#2) I use AVG with a firewall.
#3) I have a hardware Firewall in my router.
#4) I don't do something stupid like read unsolicited email.
#5) I don't open attachments to unsolicited email.
#6) I block ALL unnecessary outbound traffic with my Firewall. Disable trusted networks because AVG doesn't know who to trust.
A simple routine that keeps me safe to this day.
I have several email accounts but my private one is for family and friends.
I don't use gmail which was compromised by Chinese hackers.
I don't put personal info on my Facebook or any other social media account.
You people keep throwing yourself out there and don't secure your area will never get any sympathy from me.
If you're dumb enough to believe in the Nigerian letter scam then you're the punchline.
Don't scream if you're some old dude that us young-uns should respect you if you're dumb enough to send them your life savings to get a million dollar check.
I have 10 emails a day on my throw away email account from City Sex and I repeatedly told them to stop and they apologize yet it continues. Point is after tracing their IP address I found it's protected by an American company. So, don't blame foreign nationals because when it comes to scamming you from your money we Americans have it down to a science.
I have also learned that Windows itself sends statistical information back to Microsoft on how windows is used whether you want it to or not.
Windows installer always asks for access to the net, why? No one will give an answer. It's there just to install a program on your PC. Windows 8 will even block your program from installing until you dig into the menu system to allow it. So even WINDOWS sends info back home without your knowledge.
@Roger-785733
You are calling someone a lAmEr, and then state that the 3 people who use Linux, etc can still get a virus? DOH! Of course they can, BUT, to start with there is a significant number of people who DO use an alternative OS, as you would know if you had any knowledge of anything other than WinDoze.
Are they susceptible to a virus? Absolutely, but since any savvy Linux user NEVER operates their system as Root user unless doing maintenance... the odds of a virus doing anything other than sitting there spinning its wheels aimlessly are very thin. Also, since there are so many mindless windows fanboys out there who know nothing about how to operate and protect the PC, it is much more productive for hackers to target windows computers, SOOO... the average linux box will NEVER see a virus written to exploit linux.
I have used Linux for 8+ years to do absolutely everything that I need to do, and have NEVER caught a virus, even though I run no active virus scan software. The only reason I even scan my box occasionally is to make sure I don't have a windoze virus piggybacking on my email or files.... after all, would not want to infect any of my windows using pals with a virus that does not even affect me, but that would trash their machine, or cost them personal data.
And you call alternative OS users LaMe? THAT is truly FUNNY!
I would love to agree with you but in reality Linux doesn't have viruses due to the lack of users.
I am not trying to pick a fight with you and I have tried to use Linux and found that for MY use it's nothing but eye candy.
It can not use my TV tuner which is a very modern qam tuner and it can't play my Windows games even through wine.
Irritating aspects include not being able to turn off the password system even if I'm the admin. I don't want to be asked every time I take a pee for my PW.
We can argue the why's and how, yes I know the reasons but still.
I also don't want to go through the shell/cli/dos prompt or whatever to install some programs. I want to purchase or download a program and install WITHOUT going through the store.
They have the ability to completely take every user away from all other OS's but being a community project that is organized by the few, the few won't submit to the many. They shoot themselves and so be it.
That being, Government has contracts with Microsoft as well as way too many people and Universities as well as many Businesses. Linux may be better in some respects but the hackers have no incentive to create Linux viruses.
Also, of MY knowledge, the majority of Viruses come from Pirated software and Key Generators. I have yet to find one single store bought program that came with a Virus, to do so would be the end of that business. That is not to say that every Virus comes from these programs. Emails and a lot of other ways but every way needs to be consciously executed to attach itself to another file and be spread.
In reality I believe Android is going to overtake portable OS's and Windows will stay on top of home PC's as long as gaming is supported and OSX doesn't drop its restrictions and allow being installed on other systems without a hack.
I will always choose windows because they give me what I want, when Linux supports me then I will change.
They caught some cyber thieves but according to the end of the story the story has no end. Just in case you missed it the story closed with these words.
"Though all the mules – except one – were arrested, that does not necessarily mean the end of the money mules, says Gary Warner.
“ZeuS infections are rampant still today. There are probably millions of computers in the United States that have active Zeus on their machines right now,” Warner said."
Gotta love fanboys arguing over which OS is better suited to get as close as they'll ever get to a real female.
Somebody needs to bust the greatest theft ring still operating in this country - the federal govt - who is adding 3 billion each day to our national debt, now almost 15.5 trillion.
Does anyone care? That stands today at about $50,000 owed by EACH man, woman, child, that YOU owe the govt in national debt. That is beyond immoral. It must be stopped!
I agree with that.
We need to get them out of our lives so much.
Yea, that would be nice but unfortunately between Reagan, Bush Sr and Bush Dub-ya they destroyed our economy, removed regulations and destroyed our clout around the world.
Obama is just trying to fix things that he inherited from Bush and Henry Paulson the main guy who created the bailouts and his friends who created the problem.
Other than that.
I remember when I was 10 I watched a documentary about a lake being set on fire with just a match. I remember about the DDT and the egg shells and I remember the days of just throwing garbage out the back of station wagons.
Let's just remove all the regulations, allow the keystone pipeline to go ahead and just go back to dumping more sewage into our drinking water.
Your kind can't hide behind lies anymore in the 21st century where everything is recorded and you can view it all online.
Here are some businesses destroyed because of Reagan policies to include Hialeah Florida and South Florida all together.
163st Mall, Miami Florida THE WHOLE THING!
Zayre's, Lionel Play World, Service Merchandise, Coleco, Commodore, Atari, Jefferson Ward, Woolworth's, Eckard Drugs.
These are some of the major companies that were the result of his reforms.
Greed from CEO's, the killing of a 40 hour work week that limits you to 39 hours yet will give the manager a bonus to keep employees from getting 40 hours and benefits.
However every other modern westernized country are socialist and are perfectly fine with human rights and a way for an every day man to make a living. Yet the average American man will scream that America is the best while every right is stripped away from him including a way to make a living and support his family.
ALL I KNOW is that if I smash your computer with a big fu@king hammer it will not work.
Oh boy....I got on this comment page and learned the hard truth: Americans might have all the glitzy phones, computers and such but we are stupid....
I actually got affected with the Zeus but for unknown reason transfer from my bank account, which actually had a few hundred dollars, was stopped and due to multiple tries my account was blocked for online access.
Here is how they do it. They added me online on Yahoo Messenger and that messenger kept opening chat window saying hi whenever I opened a bank website, and one day it actually took my password and I pressed enter, it actually got entered as a chat message!!!
"Its" is possessive, like "hers" and "his." "It's" is a contraction of "it" and "is"; the apostrophe takes the place of the "i": It is, It's.
http://www.cgl.uwaterloo.ca/~csk/its.html
Spell-check doesn't help with homophones or heterographs.
Here's a list: http://www.spellingsociety.org/journals/j4/heterografs2.php