Ten arrested for phishing trojan horse attack

Germany’s Federal Crime Office (known as the BKA) announced on its website that the gang of ten, which includes two women, has been arrested on suspicion of defrauding online surfers out of hundreds of thousands of dollars in an internet scam.

The group is alleged to have targeted users of online banks by sending them emails claiming to come from the likes of Deutsche Telekom, eBay, 1&1, Walmart, Ikea, and the German television licensing organisation (GEZ). Attached to the emails were malicious Trojan horses (such as Clagger-AZ and DwnLdr-FYH) that stole bank account information from the infected computers.

The police probe, which is said to have taken 18 months, resulted in arrests in several German cities, including Dusseldorf, Cologne and Frankfurt. According to the BKA, the suspects – who come from Germany, Russia and the Ukraine – purchased expensive jewellery, cars and luxury holidays from the proceeds of their criminal acts.

“The German authorities deserve credit for devoting time and resources into investigating the deluge of malicious emails that computer users in their country were receiving in these campaigns,” said Graham Cluley, senior technology consultant for Sophos. “The financial rewards for cybercrime are significant, and we are seeing more organised gangs getting involved in this kind of illegal activity all the time. Every computer user needs to learn how to properly defend themselves against the raft of online threats, or risk having their money and identity stolen.”