Ukrainian authorities have arrested five individuals who allegedly directed a global cybercrime scheme that used a version of the Zeus Trojan computer virus to steal US$70 million from US bank accounts, FBI officials said on Friday.
They told a news briefing that Ukrainian authorities took the five individuals into custody and conducted searches under eight warrants on Thursday as part of an international crackdown that dismantled the operation this week.
The officials said the scheme targeted small and medium-sized US businesses. It involved the use of malware, a software code that captures passwords, account -numbers and other data used to log into online banking accounts.
The crackdown had previously been disclosed with some arrests announced in New York on Thursday and in London on Wednesday.
The FBI officials declined to identify any of the US banks that had been victims or to say how many banks had suffered losses in the scheme.
They said the investigation began in May of last year after a complaint from a company in Omaha, Nebraska, and quickly spread to New York and New Jersey.
The US cases involved more than 300 victims. In the US, 92 people have been charged and 39 have been arrested, the officials said.
The scheme involved the use of foreigners who entered the US on student visas and who were recruited as “mules” to open bank accounts under fake names. The accounts were then used to receive and transfer the stolen funds overseas.
“During this investigation, the FBI worked closely with our overseas counterparts to identify subjects who were instrumental in the development and control of the malicious software, those who facilitated the use of malware, and those who saw a means to make quick, easy money — the mules,” said Gordon Snow, assistant director of the FBI’s Cyber Division.