Skip to main content

FBI announces arrests in $70 million cyber-theft

By Terry Frieden, CNN Justice Producer
  • FBI says they smashed cyber-theft ring that had netted $70 million from U.S. alone
  • 60 people are in custody in the United States, United Kingdom and Ukraine
  • To date the perpetrators have attempted to steal $220 million, the FBI said

Washington (CNN) -- The FBI announced Friday more than 60 people are in custody in the United States, United Kingdom and Ukraine after authorities smashed a major international cyber-theft ring that had netted $70 million from the United States alone. To date the perpetrators had attempted to steal $220 million, the FBI said.

"The five individuals detained in Ukraine were the directors of this organized cyber-crime operation," said FBI Assistant Director Gordon Snow.

Snow and other officials said 39 U.S. citizens and 20 U.K. residents were also in custody, arrested for helping to carry out a sophisticated computer theft operation that primarily targeted small to medium businesses and institutions.

A smaller number of churches, nonprofits and individuals were also victims of the cyber ring, authorities said. In total, the FBI has identified 390 targeted victim businesses, institutions or individuals in all parts of the United States.

FBI officials briefing reporters on the international take-down said the criminals selected targets in advance which they believed did not have high level computer security, and were able to tap into the firms' bank accounts.

The first indication of the cyber ring surfaced in Omaha, Nebraska, in May 2009. The FBI then launched Operation Trident Breach which eventually led to the arrests announced Friday.

First word of the operation was announced in New York Thursday where authorities disclosed an estimated $3 million in losses in New York which FBI officials noted is a small portion of the $70 million siphoned from the bank accounts.

Most of those arrested were identified as "mules" engaged in the transfer of stolen funds, who retained a percentage for their services.

The FBI says the investigation determined the organizers launched their scheme strictly for profit and were not related to any political or social cause.

Authorities did not identify the creator of the "malware" which enabled the successful targeted "phishing" or "spearfishing" operation. They did not say whether the originator is in custody. However, they acknowledged that a version of the Zeus Botnet which was used to infect the computers of the victims in this case is still active and represents a potential threat to other computer users.