Cybercrooks who allegedly stole millions of dollars from U.S. business bank accounts used unauthorized automated clearing house transactions, according to court documents made public when indictments were announced late last week against 37 people acting as mules in the United States, reports NetworkWorld's Jaikumar Vijayan.

The indictments, announced by the U.S. Attorney's Office in Manhattan, name 37 people from Russia and East European countries, who were mainly involved in setting up fraudulent bank accounts, withdrawing stolen funds and sending it to the actual hackers, who were located in East Europe. The hackers used a Trojan, known as ZeuS or ZBot, to infiltrate computers at businesses, steal online banking passwords, and use them to break into bank accounts.

One of the 37 charged last week, Ilya Karasev, is a 22-year-old from Russia, who allegedly opened fraudulent bank accounts using fake names and phony Belgian and Greek passports. According to the court documents, Karasev came to the United States with a J-1 Visa, which he soon converted to an F-1 student visa.

Despite the arrest of more than 100 people in the United States and the United Kingdom in conjunction with this cybercrime ring, the Trojan appears to remain robust, reports Jeremy Kirk at InfoWorld. According to the Zeus Tracker website, a Russian registrar on Friday sold 10 domain names that are involved in activity related to the Trojan. The challenges presented by ZeuS underscore how difficult it can be to conquer this type of malware, which is designed for redundancy and robustness, not unlike corporate IT systems, Kirk reports.

The ZeuS malware continues to crop up in new variations, notes Neil J. Rubenking at PCMagazine. To defend against attacks, any computer with Internet access should be protected with anti-virus software that goes beyond known threats. Computers used to access bank accounts should have additional protection, such as a secure browser.

For more:
- see Jaikumar Vijayan's article at NetworkWorld
- see Jeremy Kirk's article at TechWorld
- see Neil J. Rubenking's column at PCMagazine

Related Articles:
Crackdown on Zeus banking scam unearths massive cybercrime outfit
Evidence of Zeus Trojan found in majority of Fortune 500 companies
The growing problem of banking Trojans