Germany's Federal Crime Office has arrested a Russian-Ukrainian-German group of 10 suspects accused of running a Trojan horse phishing attack that has been targeting users' bank accounts. An 18-month police investigation culminated in arrests on Tuesday in several German cities as well a number of computers being seized. The defendants allegedly bought jewelry, cars, and luxury holidays with the money they made off the scam. The group is alleged to have targeted online banking users by sending them fraudulent e-mails claiming to come from Deutsche Telekom, eBay, Wal-Mart, Ikea, or the German television licensing organization. Researchers at security company Sophos noted that attachments to the e-mails contained various Trojan horses, one of which is ranked first in the list of Top Corporate User Malware in Avert Labs' Threat Library.
"The financial rewards for cybercrime are significant, and we are seeing more organized gangs getting involved in this kind of crime all the time. Everyone who has a computer needs to learn how to properly defend themselves, or risk having their money and identity stolen. For many months there have been several waves a week of phishing e-mails sent with new variants of this downloader, that when executed would install some keylogging Trojan. The e-mails typically look like a receipt sent from some company with details supposedly found in the attached .zip. Some of these e-mails even claimed to have come from German law enforcement agencies," said Graham Cluley, senior technology consultant for Sophos.
News source: InformationWeek