Law enforcement has arrested 14 individuals who used banking malware to launder £11 million from a number of UK banks.
The group of computer criminals leveraged malicious email attachments to deliver two pieces of banking malware to their victims: Dyre and Dridex.
For its part, U.S. law enforcement agencies allegedly took down the botnet responsible for distributing Dridex in October 2015. But the malware resurfaced shortly thereafter. Researchers later observed Dridex targeting crypto-currencies in September 2016.
The National Crime Agency (NCA) explains that the arrested persons, aged 23 and 52, used the two malware families to primarily target UK financial institutions:
"Those arrested are suspected to have laundered the criminal profits through hundreds of accounts at various UK banks, using false identity documents and 'money mules' recruited and controlled by the crime group."
UK law enforcement made the arrests on 2 November in London, Daventry, and West Bromwich. It did so in cooperation with Moldovan and Romanian authorities, as the crime group is believed to have transferred the stolen funds to bank accounts based in Eastern Europe.
During the arrests, law enforcement seized electronic devices, cash, and fake ID documents.
Mike Hulett, Head of Operations at the NCA’s National Cyber Crime Unit, says the arrests demonstrates the extent to which cyber crime has evolved into an international threat:
"Cyber crime is an increasing threat in the UK and internationally, which the NCA is determined to combat at every level. The malware utilised in this case hits small and medium sized businesses particularly hard.
"Those responsible for writing, developing and deploying malware code also rely heavily on other organised criminals like money launderers, and their fraudulent proceeds can then be used to fund other criminality.
"The NCA has had tremendous support from colleagues across law enforcement and the banking industry, to close down this money laundering network. Together we have made a hole in the system which will cause significant disruption to other organised criminals."
To protect against money launderers, it's important that users know how to spot a suspicious email and refrain from clicking on a suspicious email attachment. That's especially true at the workplace, where there are privileged users who have access to corporate bank accounts. In those cases, it's up to organizations to properly train their workforce about cyber crime and other digital threats. They can do so by using third-party security awareness training software that makes use of simulated phishing exercises.
Does that sound of interest to your organization?
If so, contact Metacompliance and learn how its simulated phishing exercises can help protect your company against money launderers.