In one of the largest e-crime busts in UK history, police have arrested 19 people accused of being part of a gang that stole millions from online bank accounts using the infamous Zeus Trojan.
The Metropolitan Police Central e-Crime Unit (PCeU) believes that the gang of mostly East Europeans based in London had already stolen £6 million ($9.5 million) from UK accounts, or around £2 million per month, and could have taken as much as £20 million in total.
According to descriptions given in the UK newspaper that extensively covered the arrests, the operation was highly sophisticated, involving a network of ‘mule’ accounts (real accounts used to withdraw money), and a mastermind described as being an ‘IT expert’.
Police said that 600 UK bank accounts had been compromised but this is likely to be a low starting figure given the large sums quoted as having been stolen.
"We believe we have disrupted a highly organised criminal network, which has used sophisticated methods to siphon large amounts of cash from many innocent people's accounts, causing immense personal anxiety and significant financial harm," Detective ChiefInspector Terry Wilson of the Metropolitan Police was quoted as saying.
The arrests are the latest chapter in an ongoing investigation into a sudden and worrying surge in attacks over the summer using the Zeus/Zbot Trojan to raid UK bank account customers.
Even by the ever-present standards of malware crime, Zeus has risen to become probably the single most unpleasant threat facing online bank account users the world over.
Only weeks ago, police arrested six people accused of using the same Zeus malware to target online bank accounts in the UK, stealing several million pounds from accounts and credit cards. It is not clear whether the new arrests are connected to this investigation or different part of what has become a more widespread problem.
The Zeus Trojan is prolific enough that it could probably support an entire e-crime news service on its own.
In August, a security company discovered evidence that the malicious program had infected as many as 100,000 PCs in the UK alone, while only days later a second security vendor discovered details of 3,000 UK online bank account users on a hacked server.
Attempts to spread the malware continue apace, including this week’s spam attack on users of the LinkedIn social network service. This particular attack was clearly aimed at stealing logins for online business accounts.