“In times of radical change, the learners inherit the earth, while the learned find themselves perfectly equipped for a world that no longer exists.” - Eric Hoffer

October 4, 2010

There's good news and bad news regarding U.S. eBanking thefts

These days, all you have to do is blink and you'll miss something on the Internet. I was off-line for a day or two, and when I came back on "the net" I discovered that the FBI, working in concert with police officials in Great Britain and the Ukraine, moved to break up one of the groups using the ZeuS worm to steal funds from individuals, businesses and government agencies. Brian Krebs, as usual, kept track of all the developments on his KrebsonSecurity blog. If you missed the details of the story in your local paper, you can follow the progress of the story using the links below:
Sep. 29, 2010 "19 Arrested in Multi-Million Dollar ZeuS Heists" (UK)
Sep. 30, 2010 "11 Charged In ZeuS & Money Mule Ring" (UK)
Sep. 30, 2010 "U.S. Charges 37 Alleged Money Mules"
Oct. 2, 2010 "Ukraine Detains 5 Individuals Tied to $70 Million in U.S. eBanking Heists"

The above is indeed great news. According to Krebs, "Investigators say the Ukrainian gang used the software to break into computers belonging to at least 390 U.S. companies, transferring victim funds to more than 3,500 so-called “money mules,” individuals in the United States willingly or unwittingly recruited to receive the cash and forward it overseas to the attackers."

The bad news is that there are still other groups using ZeuS to obtain account and password information, then making fraudulent electronic fund transfers and using money mules to move the money out of the country and into the hands of the thieves at the top of the organization. Law enforcement and banking officials need to do a better job of letting users know how these groups operate and how users can improve the security of their individual and commercial accounts to prevent these thefts in the first place.

Once again, if you don't have KrebsonSecurity on your RSS feed or your daily reading list, you're missing an important source of information about keeping your own computers or your company's computers secure.