Accessibility links

Breaking News

U.S. Indicts Dozens From Eastern Europe In Internet Theft Scheme

District Attorney for the Southern District of New York Preet Bharara explains the criminal scheme
District Attorney for the Southern District of New York Preet Bharara explains the criminal scheme
NEW YORK -- U.S. law enforcement authorities have announced the indictment of 73 individuals from Russia, Ukraine, Kazakhstan, Moldova, and Belarus who they accuse of participating in a complex Internet fraud scheme that targeted the bank accounts of U.S. citizens, businesses, and cities.

According to two separate criminal complaints -- one federal and one State of New York -- nearly $4 million was stolen from accounts at five U.S. banks between February and September of this year.

Prosecutors said the investigation is ongoing and in its earliest stages, so the numbers of indicted participants and amount stolen may eventually increase.

17 At Large

At a press conference, Preet Bharara, the U.S. district attorney for the Southern District of New York, said 37 defendants were indicted on federal charges. Nine were arrested in New York on September 30 and one was detained in Pittsburgh.

Another 10 defendants in the case were arrested previously. Seventeen remain at large and are being "actively sought" by authorities.

"This case involves dozens of defendants who allegedly helped Eastern European hackers steal millions of dollars from U.S. banks with the aid of a malicious computer program that acted as a Trojan horse on unsuspecting computers," Bharara said.

"Known internationally as the Zeus Trojan, this software program -- among others -- allegedly allowed criminals to spy on bank customers, steal their account information and then -- steal their money."

In a separate but related case, Manhattan District Attorney Cyrus Vance announced the indictment of another 36 defendants on state charges:

"Some of these defendants came to the U.S. already planning to take part in this fraud. Others were recruited once they arrived, as they searched social networking, newspaper, and other sites for part-time jobs," Vance said.

"And using this method, the defendants named in the state court indictments stole more than $850,000 from 34 identified theft victims, who are primarily account holders at J.P. Morgan Chase Bank."

Because the investigation is ongoing, District Attorney Bharara declined to provide specific details on the level and type of assistance U.S. authorities are receiving from foreign law enforcement agencies, particularly those in the native countries of the defendants.

According to the criminal complaint, some of the defendants fled the United States for their home countries before they could be arrested.

Bharara said it is common practice for the U.S. District Attorney's office "to work as closely as possible with foreign law-enforcement agencies."

The New York indictments come on the heels of a similar case in London where on September 29, police arrested 19 individuals accused of stealing $9.5 million using the same type of "Zeus" malicious software.

U.S. law-enforcement authorities said the cases are being viewed as potentially related and said U.S. and U.K. law-enforcement agencies are cooperating and sharing information.

Bharara said the Zeus Trojan virus was created in Eastern Europe and developed to work on individual computers in the United States, specifically those of municipalities and small businesses.

Infection Through Email

The virus was able to infect the computer hard drives through a seemingly benign email message that arrived in victims' in-boxes.

Once the message was opened, the computer became infected. Without the computer owner's knowledge, the malicious software would record finger strokes on the keyboard and send them through the Internet to an overseas computer.

The malicious spyware literally sat in wait on people's computers, spying on passwords as they logged into their bank accounts. Once that information was obtained, it was used to transfer money from the victims' bank accounts into a series of other accounts:

"It's not that easy to get into the victim's bank accounts and send the money directly back to the Eastern European originators of the scheme. What they instead used was an organization of what we call "cyber mules," Bharara said. "Those are the people who are responsible for getting money that was pilfered out allegedly, back to the originators in Eastern Europe."

The investigation started in February when the New York Police Department was alerted by a Bank of America branch in the Bronx about a suspicious withdrawal of $44,000. It soon became evident that it was just the tip of the international iceberg.

According to the indictment, several people were brought to the United States from Eastern Europe or were recruited in the United States specifically to participate in the ring.

Most were in the country on an educational visa. Once in the country, they were asked to set up bank accounts with false identities and withdraw small amounts of victims' money, according to Bhahara.

"And then each of those mules were directed to withdraw portions of that money and then send smaller packets of that money back to the originators in Eastern Europe either by bulk cash or by Western Union or some other method. And that's how the money got back to Eastern Europe," Bhahara said.

The federal complaint describes four people as managers of the mule operations. Others operated as mule recruiters.

Most of the defendants are Russian citizens, but there are also nationals from Belarus, Moldova, Kazakhstan, and Ukraine.

Aleksander Otchainov, the second in command at Russia's Consulate General in New York, told RFE/RL that it's too early to comment on the case but that consular officials are "definitely looking" into allegations and will provide assistance to the arrested Russian nationals if they ask for help.

Officials at the consulates of Belarus, Kazakhstan, and Ukraine in New York declined to comment on the allegations.

Janice Fedarcyk, assistant director-in-charge at the New York Office of the FBI warned that U.S. law carries strict penalties for people found guilty of falsifying their identities, or Internet fraud, or theft.

"The mules were given fake passports to open mule accounts, so they knew they were being paid to assist thieves. You come to the United States to steal -- you might just end up staying much longer than you anticipated, it's just that your stay will be behind bars," Fedarcyk said.

The arrested defendants were formally charged in New York City federal court. If convicted, they face between 10 and 30 years in prison, and up to $1 million in fines.

RFE/RL has been declared an "undesirable organization" by the Russian government.

If you are in Russia or the Russia-controlled parts of Ukraine and hold a Russian passport or are a stateless person residing permanently in Russia or the Russia-controlled parts of Ukraine, please note that you could face fines or imprisonment for sharing, liking, commenting on, or saving our content, or for contacting us.

To find out more, click here.