A £3 MILLION FRAUD CASE that involved a gang of cyber criminals using the Zeus financial malware to steal money from the UK bank accounts of innocent people came to a conclusion on Monday when the last defendant was convicted at Croydon Crown Court.
Latvia-born Karina Kostromina, 34, one of the thirteen suspects arrested by the Metropolitan Police Central e-Crime Unit (PCeU) as part of Operation Lath last year, was found guilty of money laundering and received a two-year prison sentence.
Kostromina is the wife of 33-year-old Yevhen Kulibaba, a Ukrainian believed to have been the leader of this cyber criminal ring.
"Kulibaba was the principal within this group of conspirators. He was based in the Ukraine and was responsible for obtaining and allocating accounts to be attacked, and organising the UK based conspirators to set up and operate recipient accounts and remove funds from them," the prosecutors claimed.
"Kostromina is Kulibaba's wife. She used her UK bank account to receive cash sums which were part of the proceeds of this fraud. Tens of thousands of pounds were paid into her account," they added.
Kulibaba pleaded guilty to one count of conspiracy to defraud on 15 July 2011, a charge of which Kostromina was cleared. He will be sentenced after the court rules on another count of money laundering that he was also charged with.
Operation Lath, which culminated on 29 September, 2010 with raids and arrests at multiple locations in London and the Home Counties, was part of a larger international law enforcement action against Zeus gangs.
The FBI arrested 20 money mules named in a New York indictment at the same time, while the Security Service of Ukraine (SBU) detained five key Zeus suspects operating from the Eastern European country.
The Crown Prosecution Service was able to prove fraud of £2,884,590 from attacks against UK banks and their customers, but believes the conspirators attempted to move at least £4,286,559.
"These defendants were part of an organised network of computer criminals operating a state-of-the art international online banking fraud, through which they stole many millions of pounds from individuals and businesses in the UK and United States," said DI Colin Wetherill of the Metropolitan Police Central e-Crime Unit.
"We are working hard to reduce the harm caused by these activities, to put fear into the minds of those contemplating these conspiracies and to bring such offenders to justice," he added.
Despite no being longer maintained by its original creator, the Zeus crimeware toolkit remains one of the favorite tools of cyber fraudsters worldwide. Moreover, ever since its source code was leaked on underground forums earlier this year, the number of Zeus variants seen in the wild has spiked. µ
Watch this space
Hackers could erect man-in-the-middle attacks
Painted into a corner
What we'd call copying, Cupertino calls 'inspiration'