Cyberthieves copy drug trafficking protocol with "money mules"
Imagine the horror of going to bed with a bank balance of over $500,000 and waking up with zero in your account.
This is the fate that multiple companies experienced at the hands of a cyberthief crime ring scattered between Russia, Estonia, Scotland, Finland and around the US.
But this crime ring is a little different from the standard cyber crime syndicate: this ring uses "money mules." With a procedure that mimics drug trafficking practices, these cyber criminals have taken cyber theft to a whole new level.
The ring is deemed one of the largest known cyber crime syndicates to date. The FBI first took it down in May 2009, when a financial services firm flagged some suspicious transactions.
When the agency first received the intel, it recovered over $14 million in losses, and that was just the tip of the iceberg.
The crime ring targets businesses using the Automated Clearing House, an electronic network for financial transactions. Across the 390 cases discovered by the FBI, the agency found attempted thefts totaling $220 million and actual losses of $70 million.
To do this, the crime syndicate utilized the standard cybercrime approach: operating out of Eastern Europe, they sent malware via email to infect computers in the US.
The emails were disguised as written letters from a company manager or colleague to minimize suspicion.
When an employee clicked on an embedded link or attachment, a Trojan horse called Zeus installed itself within the company's network to gather usernames, passwords and financial information.
Once in the system, hackers would transfer money from these businesses into accounts set up by the money mules in the United States.
The money mules were people located in the US, tasked with withdrawing funds from the accounts in amounts small enough to avoid detection. Keeping 8-10%, the mules would then send the rest of the money over to Eastern Europe.
Similar to drug trafficking, mules would do the risky, dirty work like walking into banks to set up a new account and actually withdrawing the money from these accounts, all while the ring leaders stayed hidden under the blanket of cyberdom in Eastern Europe.
Most of the time hackers would target young or desperate mules for these jobs, oftentimes enlisting full-time US-based recruiters to find fresh mules. Just recently, a group of Eastern European students in the United States was busted for its part in a cyberthief crime ring.
And these US-based mules are not as remote as you think. One pair of Russian roommates based in Brooklyn smuggled over $150,000 to Russia, opening bank accounts in New York and New Jersey.
Companies targeted are left with little recourse but to sue the bank responsible for allowing the transaction.
A lawyer for a Detroit company that lost $560,000 said that the thieves emptied the accounts and transferred over $1.34 million before the bank shut them down for suspicious practices.
Hopefully, attention to crimes like this will prompt both banks and the government to adopt better protections and give targeted companies better recourse.