Authorities in the UK have arrested 14 people on suspicion of laundering €12.36 million for a gang of Eastern European cyber criminals.
The group, made up of 13 men and one woman, are thought to have used hundreds of UK bank accounts to clean the money, which was stolen by highly-skilled hackers deploying Dridex and Dyre malware.
The National Crime Agency (NCA), which made the arrests, were supported by officers from various forces around Britain, Immigration Enforcement, Regional Organised Crime Units and representatives from Romanian and Moldovan authorities.
Some of the suspects – who were held during raids in West Bromwich, Daventry and London – were said not to be British nationals.
During the operation, officers seized cash, fake identity documents and a number of electronic devices including computers and mobile phones which were taken away for forensic examination.
Mike Hulett, Head of Operations at the NCA’s National Cyber Crime Unit said: “Cyber crime is an increasing threat in the UK and internationally, which the NCA is determined to combat at every level. The malware utilised in this case hits small and medium sized businesses particularly hard.
“Those responsible for writing, developing and deploying malware code also rely heavily on other organised criminals like money launderers, and their fraudulent proceeds can then be used to fund other criminality.
“The NCA has had tremendous support from colleagues across law enforcement and the banking industry, to close down this money laundering network. Together we have made a hole in the system which will cause significant disruption to other organised criminals.”
Both the Dridex and Dyre viruses infect victims’ systems by tricking computer users into opening attachments or following links in apparently legitimate emails. The hackers are then able to steal online banking details and clear out victims’ accounts.
At the beginning of the year, IBM Threat Analyst Limor Kessem named Dridex as one of the worst three malware families. The Trojan has stolen millions of euros from bank accounts all over the world, focussing on those belonging to large companies as well as individual consumers. The hackers behind the programme have been able to thrive by stealing small amounts of money from multiple accounts.
The malware also turns victims’ computers into part of a botnet, allowing the gang behind it to stay one step ahead of law enforcement by using its network to mask its true location. Host computers are additionally used to send out fake emails to spread the virus further. Warning members of the public about the malware last year, Europol’s European Cybercrime Centre (EC3) advised computer users to avoid opening attachments contained in emails from unknown sources.
