Four London-based men, found guilty of using a sophisticated Trojan horse to steal money from online bank accounts, have been sentenced to a total of over 13 years in prison by a British court.
The malware deployed by Azamat Rahmonov, Shohruh Fayziev, Joao Dos Santos Cruz, and Paulo Jorgi (also known as Ricardo Pereira) waited until internet users tried to log in to their online bank, before displaying a fake login page to steal credentials.
The Trojan horse then altered the customer’s account without their knowledge, creating a new payee in what is known as a “man-in-the-browser” attack.
Later in the day a third party would access the bank account and transfer funds to a specially-recruited money mule. The mule, in turn, would be instructed to withdraw the stolen cash at another bank, earning a commission in the process, before ultimately wiring the illegal proceeds to…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.
