10 charged in alleged malware conspiracy to steal $100 million



Prosecutors and law enforcement officials from the United States and Europe, speaking at a news conference on Thursday in The Hague, say that criminals used malware to infect tens of thousands of computers worldwide, capturing online banking credentials from unknowing victims in a bid to extract their money.

The crackdown saw the US partner with Bulgaria, Georgia, Germany, Moldova, and Ukraine, resulting in an indictment being returned by a federal grand jury in Pittsburgh, and prosecution of defendants in Georgia, Moldova, and Ukraine. The scammers had planned to steal an estimated $100 million from over 41,000 businesses and financial institutions.

Five of them - Russian nationals - remain on the run including the developer of the malware.

Police in Germany and Bulgaria were also involved.

They then stole money from more than 41,000 victims' bank accounts and laundered the cash using USA and foreign beneficiary bank accounts.

"The victims included mum and pop businesses..., law firms, global corporations, ... non-profit organizations that worked with disabled children", US Attorney Scott Brady told a news conference in The Hague. The U.S. District Court for the Western District of Pennsylvania issued a federal arrest warrant for them in April. One of those alleged mule managers - Farkhad Rauf Ogly Manokhim (a.k.a. "frusa") of Volograd, Russia was arrested in 2017 in Sri Lanka on an worldwide warrant from the United States, but escaped and fled back to Russia while on bail awaiting extradition.

The leader and his technical assistant are being prosecuted in Georgia, the former Soviet state that declared independence in 1991. They will be prosecuted in their own countries with the exception of five Russians who remain fugitives.

One of the Russians, Viktor Eremenko, was arrested in Sri Lanka at the request of U.S. authorities in 2017 but "through the intervention of the Russian government" was freed on bail, after which he fled to Russia. Another gang member was arrested in Bulgaria and extradited to the United States.

At the European Union law enforcement agency Europol on Thursday, authorities announced details of a coordinated operation to dismantle an worldwide cybercrime network.

He allegedly fired an assault rifle through the door of his apartment at police, the Department of Justice said.

The malicious links referenced in those spam emails were served via the Avalanche bulletproof hosting service, a distributed, cloud-hosting network that for seven years was rented out to hundreds of fraudsters for use in launching malware and phishing attacks.

The latest operation was a follow-up from that, Europol said.

"The collaborative and simultaneous prosecution of the members of the GozNym criminal conspiracy in four countries represents a paradigm shift in how we investigate and prosecute cybercrime".