13 years jail for bank robbers who used Trojan horse

Graham Cluley

Four London-based men, found guilty of using a sophisticated Trojan horse to steal money from online bank accounts, have been sentenced to a total of over 13 years in prison by a British court.

The malware deployed by Azamat Rahmonov, Shohruh Fayziev, Joao Dos Santos Cruz, and Paulo Jorgi (also known as Ricardo Pereira) waited until internet users tried to log in to their online bank, before displaying a fake login page to steal credentials.

The Trojan horse then altered the customer’s account without their knowledge, creating a new payee in what is known as a “man-in-the-browser” attack.

Later in the day a third party would access the bank account and transfer funds to a specially-recruited money mule. The mule, in turn, would be instructed to withdraw the stolen cash at another bank, earning a commission in the process, before ultimately wiring the illegal proceeds to…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an email.