On Tuesday, Russian law enforcement arrested eight men in Moscow for allegedly boosting millions of dollars from the nation’s banks by installing the Carberp Trojan on their victim’s computers. According to a press release by the Ministry of Internal Affairs, the group’s crime spree was first discovered by law enforcement last October.
Depending on what Russian media report you read, the eight men arrested are said to have walked away with 60 million rubles ($2 million USD) at the least, or according to Group-IB, a Russian who assisted law enforcement, 130 million rubles ( $4.5 million USD).
The group, reportedly led by two brothers, rented office space in Moscow, posing as a legitimate technology firm, which housed equipment to connect to their victim’s systems, bank cards, and scores of forged documents. The scam was driven by website compromise, which would then serve malware to visitors including the Carberp and RDPdor Trojans. The malware would help them capture banking details, and use the stolen information to wire money from the compromised accounts to their own accounts, where a mule would take the funds via ATM.
Each of the men faces 10 years in prison, charged with creating, using and disseminating of harmful computer programs, as well as theft and illegal access to computer information. One has made bail, six are currently on house arrest, while the eighth man, remains in custody on an outstanding warrant for his arrest for real estate fraud.
A video reported to be the leader of the group was posted to Russian News site Life News here.
Related: Political Activism Gives Way to Hacktivism in Russia
