A Hampton, New Hampshire, man has pleaded guilty to fraud charges for his role in a scheme to empty brokerage accounts by installing malicious Trojan horse software on victims’ computers.
According to court documents, Alexey Mineev set up several “drop accounts” that were then wired funds stolen from banking and brokerage accounts between July and December 2007. He pleaded guilty to one count of money laundering on Wednesday, according to Mike Ruocco, deputy to Judge Paul Gardephe of the U.S. District Court for the Southern District of New York, who is presiding in the case.
The criminals would infect PCs with malicious Trojan software that would steal account numbers and passwords whenever victims logged into their accounts online.
Authorities say that another conspirator, Alexander Bobnev, would e-mail Mineev screenshots of the hacked accounts showing how much money was being transferred into Mineev’s drop account, along with instructions such as “Withdraw the money … tomorrow.”
Mineev would then move the cash, sometimes as much as US$10,000, to Russia, using services such as Western Union.
Trojans are malicious programs that users install on their computers, believing them to be benign. Hackers disguise them as things such as video codecs, screensavers, and even security patches.
Account theft is a growing problem for banks and brokerage firms. They want to keep offering customers low-cost online banking services but are also sustaining losses from international criminals. Once the money has been moved offshore, it is virtually impossible to recover, security experts say.
Fraudsters often try to recruit so-called money mules to move funds from hacked accounts overseas. Often these mules are unwitting participants in the scheme, believing that they are simply doing freelance payroll work for international companies.
When charges were filed against Mineev and Bobnev last November, the U.S. Department of Justice charged a third man, Aleksey Volynskiy of New York, of also setting up drop accounts and laundering stolen money. Bobnev, of Volgograd, Russia, reportedly is out of the reach of U.S. law enforcement in his home country.
Mineev faces as much as two years in prison and a fine as high as $40,000 on the charge.
In his plea agreement, he said he would return the $112,000 he made from the scheme.
Source: Computerworld.com
