Tag Archives: ZeuS Trojan

FBI Investigating Cyber Theft of $139,000 from Pittsford, NY

June 10, 2011
65 Comments

Computer crooks stole at least $139,000 from the town coffers of Pittsford, New York this week. The theft is the latest reminder of the widening gap between the sophistication of organized cyber thieves and the increasingly ineffective security measures employed by many financial institutions across the United States.

The attack began on or around June 1, 2011, when someone logged into the online commercial banking account of the Town of Pittsford, a municipality of 25,000 not far from Rochester, N.Y. The thieves initiated a small batch of automated clearing house (ACH) transfers to several money mules, willing or unwitting individuals in the U.S.A. who had been recruited by the attackers prior to the theft. The mules pulled the money out of their bank accounts in cash and wired it to individuals in Saint Petersburg, Russia and Kiev, Ukraine via transfer services Western Union and Moneygram.

Keeping an Eye on the SpyEye Trojan

November 8, 2010
3 Comments

Last month, I published evidence suggesting that future development of the ZeuS banking Trojan was being merged with that of the up-and-coming SpyEye Trojan. Since then, a flood of new research and resources has been published about SpyEye, including a new site that helps network owners track the location of SpyEye control networks worldwide.

Earn a Diploma from Scam U

October 17, 2010
15 Comments

Since the dawn of the Internet, tutorials showing would-be scammers how to fleece others have been available online, and there is a growing catalog of fraud instructional videos as well. But for novices who who can’t be bothered to scour the ‘Net for these far flung free resources, the tricks of the trade can now be learned through intensive one-on-one apprenticeships that are sold online like community college classes in e-thievery.

A Stroll Down Victim Lane

May 10, 2010
33 Comments

Last week I traveled to Cooperstown, N.Y. to deliver a keynote address about the scourge of online banking fraud that I’ve written about so frequently this past year. I flew into Albany, and in the short, 60 minute drive west to Cooperstown, I passed through tiny Duanesburg, a town whose middle school district is still out a half million dollars from e-banking fraud. On my way to Cooperstown, I also passed within a few minutes of several other recent victims — including a wrecking firm based on Schenectady that lost $70,000 last month when organized thieves raided its online bank account.