WASHINGTON – The FBI and law enforcement agencies in Ukraine, the Netherlands and Britain are tracking down international cyber criminals who stole $70 million by using malware that captured passwords and account numbers to log onto online bank accounts.
At a press briefing Friday, the FBI said Operation Trident Breach began in May 2009 when agents in Omaha, Neb., were alerted to some of the stolen money, which was flowing in bulk payments to 46 bank accounts around the United States.
Ukrainian authorities have detained five people thought to have participated in some of the thefts and Ukraine has executed eight search warrants in the ongoing investigation.
Gordon Snow, the FBI's assistant director in charge of the cyber division, said police agencies overseas were instrumental in finding criminals who designed the malicious software, others who used it and still others called "money mules," who transferred the stolen funds to havens as distant as Hong Kong, Singapore and Cyprus.
Many of the victims were small- and medium-sized businesses that don't have the money to invest in high-level computer security.
On Thursday, 37 people were charged in papers unsealed in federal court in Manhattan with conspiracy to commit bank fraud, money laundering, false identification use and passport fraud for their roles in the invasion of dozens of victims' accounts. Fifty-five have been charged in state court in Manhattan.
The FBI said the software was known as an Internet banking Trojan, which can steal computer access data including usernames and passwords for bank accounts, e-mail accounts and social-networking websites. The program would gain access to the computer when a victim clicked on a link or opened a file attached to a seemingly legitimate e-mail message.
Associated Press writer Timberly Ross in Omaha, Neb., contributed to this report.