U.S. Charges 37 Alleged Mules and Others in Online Bank Fraud Scheme
Kim Zetter writes on Threat Level:
Thirty-seven people are being charged in the U.S. for their alleged role in an international fraud ring based in East Europe that stole more than $3 million from bank accounts belonging primarily to small businesses and municipalities, according to indictments released Thursday.
The sophisticated ring included a multitude of East Europeans who entered the U.S. on student visas and fake passports to operate as so-called “money mules,” laundering funds stolen from U.S. accounts and sending the money overseas.
Hackers believed to be in East Europe ran a botnet that used variants of the Zeus malware delivered to victims via e-mail. Zeus infected the victims’ computers to steal bank login credentials. The hackers then took over the accounts to initiate illegal bank transfers to other accounts controlled by the mules.
Last January, for example, about $130,000 was siphoned from the California bank account of a hospital.
The charges, filed in the Southern District of New York, are the culmination of a year-long investigation, dubbed Operation ACHing mules. “ACH” refers to Automated Clearing House, the system under which funds can be electronically transferred from one financial account to another.