Tokyo-based cyber security firm TrendMicro revealed on Wednesday a major cyber theft: $3.2 million stolen over six months, starting in January 2011. The firm believes the young hacker, nicknamed “Soldier”, resides in Russia. TrendMicro reported the case on the company’s weblog.
According to TrendMicro’s Senior Threat Researcher Loucif Kharouni, the talented Russian hacker used SpyEye – a “banking Trojan” capable of stealing all forms of credentials – as well as money mules (persons who transfer stolen money from one country to another) and two accomplices believed to reside in California.
Figure: The cybercriminal’s money laundering process, according to TrendMicro
“Soldier” mainly targeted US users. To increase the number of successful infections, he even bought US traffic from other cybercriminals. Besides using malware to steal money from the compromised accounts, he also stole user security credentials. Soldier’s botnet compromised approximately 25,394 systems between April 19, 2011 and June 29, 2011. TrendMicro also reported that a number of IP addresses belonging to the US government, corporations, and even military organizations were among the victims of “Soldier”.
Source: TrendMicro