A massive international cybercrime scheme that relied on Internet viruses to loot millions of dollars from U.S. and foreign bank accounts has been broken, federal law enforcement officials said.
Federal authorities announced charges Thursday afternoon against 60 people worldwide in connection with the scheme, the Federal Bureau of Investigation said, an expansion on the Tuesday arrest of 19 people in London accused of stealing nearly $10 million from U.K. banks. Federal prosecutors accused the defendants of using "a potent strain" of the Zeus Trojan and other Internet viruses to siphon the money from bank accounts in the U.S. and abroad.
Thirty-seven U.S. citizens were charged with snatching at least $3 million from American bank accounts at the news conference in New York City, where nine of the accused were arrested. There are still 17 accused who remain at large, the FBI said, and they are actively seeking their arrest.
"From thousands of miles away, they got their cyber hands on OPM: other people's money," said Janice K. Fedarcyk, assistant director-in-charge of the New York Office of the Federal Bureau of Investigation.
The scheme involved the use of "money mules" to transfer the finds between bank accounts and ultimately to sources in Europe and Russia, the FBI said. The U.S. suspects appear to be primarily henchmen, while the suspects arrested earlier in the week in London were ringleaders, Richard Wang, manager of security firm SophosLabs, told FoxNews.com.
“From the initial reports it would seem the U.K. arrests are the ringleaders and the U.S arrests are mostly the money mules that were used to actually convert stolen details into cash, although we won’t know until the U.S. charges are released in an hour or so," Wang said prior to the announcement.
"Using money mules who are in the same country as the victims of identity theft is a way to reduce the chances of the banks’ internal fraud detection mechanisms from firing. If a U.S. citizen suddenly withdraws money from an ATM in Latvia the bank will get suspicious, but if they withdraw from an ATM in New York it will raise fewer questions,” he told FoxNews.com.
Mikko H. Hypponen, chief research officer for security firm F-Secure, pointed out that not everyone working as a mule is aware that their activities are criminal.
"Quite often the mules have no idea they are working for criminals; instead they believe they've been hired to make money transactions for an an international company. Money mules are important for the Zeus gangs, as this is the only way they can try to hide the money trail," he told FoxNews.com.
But the FBI's position was crystal clear. The mules were given money, so "they knew they were being paid to steal," Fedarcyk said.
Gregory Antonsen, commissioner of the Financial Fraud Task Force of the New York City Police Department, said a handful of people were accused of managing the mule system as well.
The announcement is related to arrests in London earlier this week, in which thousands of personal computers in England were infected with the malicious Zeus Trojan as well. Using the virus, criminal gangs gained the personal log ins to thousands of bank accounts, enabling them to transfer money to accounts under criminal control.
"It would be premature to talk about the nexus and the manner in which the schemes may or may not be connected," Fedarcyk said, adding that the two cases nevertheless appeared to be connected.
"We believe we have disrupted a highly organized criminal network, which has used sophisticated methods to siphon large amounts of cash from many innocent people's accounts, causing immense personal anxiety and significant financial harm -- which of course banks have had to repay at considerable cost to the economy," Detective Chief Inspector Terry Wilson of the London police told the Associated Press.
He warned bank customers to be make sure their computer security protection is up to date and to be suspicious of any unusual changes in their log-on procedures.
Police say the Trojan poses a continued worldwide threat and is increasingly being used to gain illegal access to bank accounts. Hypponen agreed, pointing out that "there are more than 150 active Zeus servers online right now."
FoxNews.com's SciTech section is on Twitter! Follow us @fxnscitech.