Close  

Officials in US, Europe charge 10 in malware attacks

/ 08:32 PM May 16, 2019

WASHINGTON – Ten people have been charged in connection with malicious software attacks that infected tens of thousands of computers and caused more than $100 million in financial losses, U.S. and European authorities announced Thursday.

The malware, which enabled cyber criminals from Eastern Europe to take remote control of infected computers and siphon funds from victims’ bank accounts, targeted companies and institutions across all sectors of American life.

ADVERTISEMENT

 Officials in US, Europe charge 10 in malware attacks

FILE- This July 27, 2008, file photo shows a, LED-illuminated wireless router in Philadelphia. Officials from the United States and Europe are announcing charges against 10 people in connection with malicious software attacks that infected tens of thousands of computers and caused more than $100 million in financial losses.(AP Photo/Matt Rourke, File)

Victims included a Washington law firm, a church in Texas, a furniture business in California and a casino in Mississippi.

The defendants come from six nations and several are awaiting prosecution in Europe.

An 11th defendant in a related case was extradited to the U.S. from Bulgaria in 2016 and pleaded guilty last month in federal court in Pittsburgh, where Thursday’s case was brought.

The charges include conspiracy to commit computer fraud, conspiracy to commit wire and bank fraud and conspiracy to commit money laundering.

Though the Justice Department has pursued multiple malware prosecutions in recent years against foreign hackers, this case stands out as a model of international collaboration, said Scott Brady, the United States attorney in Pittsburgh.

Instead of seeking the immediate extradition of all 10 defendants — an often cumbersome process that can take years of negotiations, even in countries that have treaties with the U.S. — prosecutors will first bring charges against several of them in the East European countries of Ukraine, Moldova and Georgia.

“It represents a paradigm change in how we prosecute cybercrime,” Brady said in an interview with The Associated Press ahead of a news conference in The Hague with representatives of the six countries.

The investigation was an outgrowth of the Justice Department’s dismantling in 2016 of a network of computer servers, known as Avalanche, which hosted more than two dozen different types of malware.

“For the past three years, we have been unpeeling an onion as it were that is very challenging to investigate and identify,” Brady said.

ADVERTISEMENT

The malware cited in the current court case infected 41,000 computers, relying on spam emails that were disguised as legitimate messages or invoices, officials said. Once opened, the emails enabled hackers operating from Europe to record the keystrokes from the victims’ computers, steal banking log-in credentials and wire money away from accounts.

Brady said that while prosecutors always look to recover stolen funds, that effort is especially challenging in international cybercrime cases.

“Proceeds were converted to bitcoin and without the private key, it is really hard to identify and access, let alone seize, those accounts,” Brady said. /gg

Read Next
LATEST STORIES
MOST READ
Don't miss out on the latest news and information.
View comments

Subscribe to INQUIRER PLUS to get access to The Philippine Daily Inquirer & other 70+ titles, share up to 5 gadgets, listen to the news, download as early as 4am & share articles on social media. Call 896 6000.

TAGS: American, Attacks, Europe, malware, US, world news
For feedback, complaints, or inquiries, contact us.


© Copyright 1997-2019 INQUIRER.net | All Rights Reserved

We use cookies to ensure you get the best experience on our website. By continuing, you are agreeing to our use of cookies. To find out more, please click this link.