As a second batch of East European hackers were charged on Thursday - this time in the US - with siphoning money from online bank account users using the Zeus trojan, Secure Browsing Service specialist Trusteer says there are other Zeus cybercrime gangs operating elsewhere in the world. Trusteer's comments come in the wake of a rash of arrests in the UK on Wednesday, which culminated in formal charges being laid against 11 Eastern Europeans from all walks of life. In the US, meanwhile, Thursday also saw charges laid against 70 further East Europeans, who allegedly used Zeus to steal at least $3 million from US bank accounts.

“The recent arrests in the US and the UK indicate that financial fraud is not the business of individuals,” says said Mickey Boodaei, Trusteer's CEO. “Behind these operations you can find groups of people which in many cases operate for larger organized crime groups.

They have the money and the means to run large scale sustainable criminal online operations. As time goes by we're seeing more groups which are larger, more efficient, and knowledgeable than before, and as a result much more successful.  Zeus is being used around the world to attack individual customers, and big businesses are also being targeted, particularly in the US.”

And it's against this backdrop that Boodaei predicts that other cybercrime gangs are almost certainly operating in other countries around the world, perhaps in continental Europe, Canada and across the Asia-Pacific region, running parallel criminal operations to the Zeus gangs in the UK and the US

“However, recent successful arrests in the US and the UK show that law enforcement agencies, with the help of the banks, their customers, and the industry, are capable of tracking these people down and putting them behind bars. More efforts are needed for this promising start to become truly successful. Financial fraud can be stopped from spreading if financial organizations and customers continue to improve security and work with law enforcement to go after cyber criminals.”

“The arrests show that some of the criminal groups behind Zeus are doing a poor job in covering their tracks.  This provides an excellent opportunity for the police, the banks, and their customers to join together and get more criminals behinds bars. The police and law enforcement agencies did a great job in tracing down this group and gathering information that can facilitate their arrest. This is not a simple task and I've heard many people saying that this is almost impossible due to the level of sophistication from criminals and the complication of the justice system. However, this case and a few others that precede it show that this can be achieved.”

In a recent initiative by Trusteer and a few other organizations, we were able to actually penetrate the criminals' servers and gather a lot of evidence from them. This shows that criminals are vulnerable.

“By running more operations like this and by the banks and other organizations investing effort in tracing fraudsters and not just blocking their activities, there is a good chance we can lower the volumes of attacks. Customers can take their banks' advice and implement fraud prevention tools that provide valuable capabilities to banks in detecting and blocking these threats. By working together we can definitely stop this threat from growing.” Boodaei said

For more on the US Zeus cybercriminal arrests: http://bit.ly/d7P98k

For a copy of the United States Attorney Southern District of New York press release: http://www.justice.gov/usao/nys/pressreleases/September10/operationachingmulespr%20FINAL.pdf

About Trusteer

Trusteer, the world’s leading provider of secure browsing services, helps prevent financial malware attacks through its array of services. Trusteer enables banks and online businesses to protect sensitive data such as account holder credentials from malware by locking down the browser and creating a tunnel for safe communication between the web site and customers’ machines. It also prevents phishing by validating site authenticity. Trusteer also allows remote, effective, and instant investigation of malware-related fraud incidents. Trusteer’s solutions are used by more than 70 leading financial organizations in North America and Europe and by more than 12 million of their customers. Trusteer is a privately held corporation led by former executives from RSA Security, Imperva, and Juniper. Follow us on www.Twitter.com/Trusteer. For more information about our products and services, please visit www.trusteer.com.