Today, the group behind the creation and rapid proliferation of the dastardly Zeus malware, Yuriy Konovalenko (31) and Yevhen Kulibaba (36), were extradited from their home country and hauled in front of a federal judge in Nebraska, where the hammer was swiftly brought down on both of their soon-to-be decorated criminal files.
According to the recently unsealed court documents, the perpetrators utilized the Zeus malware to make off with a monumental cache of passwords, RSA SecureID tokens, PIN numbers, and various other bits and pieces of data necessary to log into hijacked bank accounts from nearly every continent on the planet.
The documents lay out the exact nature of their crimes in a detailed report available for all to see online.
“It was part of the scheme to access, over the Internet and without authorization, computers infected with that malicious software and to obtain from those computers means of identification and other information necessary to log into online banking accounts.”
Of the nine indicted, seven are still on the run somewhere in Eastern Europe, however the two who were present to actually accept their fates were charged with the especially sentence-heavy crimes of laundering the money the ring brought in through their various bandwidth-based banking burglaries.
Kulibaba in particular was singled out for allegedly providing a direct route from the UK to the US, utilizing various “money mule” schemes to move millions of dollars in stolen bills out of the EU and into the States without being seen or heard on the trip across the pond and into an unnamed, and untraceable account.
Zeus has been making quite a few headlines as of late (despite all the uproar over Heartbleed), especially due to a whole new feature that popped up which is supposedly capable of imitating official Microsof trusted security certificates better than any other malware on the market to date.