Five Arrested In Raids On Ukraine Zeus/SpyEye Malware Ring

Investigators from across six European countries have arrested five suspects in coordinated raids in the Ukraine aimed at taking down an online banking crime group, according to Europol.

The joint team conducted eight house searches in four cities and seized computer equipment and other devices for examination, according to Europol, which helped coordinate investigative teams from Austria, Belgium, Finland, the Netherlands, Norway and the United Kingdom.

Coordinated action

The raids were part of a campaign launched in 2013 and facilitated by Europol as well as Eurojust, a European Union agency that facilitates judicial cooperation in criminal affairs both within and outside of Europe.

The action targeted high-level cybercriminals and their accomplices, accused of developing exploiting and distributing Zeus and SpyEye banking malware, as well as channelling and cashing out the proceeds. Europol, Austrian and Belgian law enforcement and judicial authorities were directly involved in the action on June 18 and 19, Europol said.

“This was a very active criminal group that worked in countries across all continents, infecting tens of thousands of users’ computers with banking Trojans, and subsequently targeted many major banks,” Europol said in a statement. The group’s damage was estimated at at least 2 million euros (£1.4m).

Different members of the gang specialised in creating malware, infecting machines, harvesting bank credentials and laundering money through mule networks, Europol said. The group traded stolen credentials, compromised bank account information and malware online, selling its hacking services and working with criminal partners.

‘Very destructive’ group

“In one of the most significant operations coordinated by the agency in recent years Europol worked with an international team of investigators to bring down a very destructive cybercriminal group,” stated Europol director Rob Wainwright.

The ongoing operation has made 60 arrests to date, including 34 alleged money mules captured by Dutch law enforcement authorities, according to Europol. Other actions have recently been carried out in Belgium, Estonia, Finland and Latvia.

Europol has supported the operation with data and forensic analysis, communications support and logistical coordination, while Eurojust has provided coordination, legal advice and judicial contacts between non-EU member states, including Ukraine.

Aleksandr Andreevich Panin, the creator of the SpyEye malware, was arrested 18 months ago by the FBI while on holiday in the Dominican Republic.

Are you a security pro? Try our quiz!