International gang arrested for $300,000 internet bank theft

Sophos Press Release

Gang colluded with Russian hackers, police claim

Spyware. Image copyright (c) Sophos
Spyware allows remote hackers to steal confidential information from other PCs.

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have reminded computer users of the perils of spyware and phishing, following the arrest of an international gang who raided online bank accounts.

Police in the Turkish city of Izmir have arrested 17 members of a gang who broke into online bank accounts and stole $300,000 from internet users. Law enforcement agencies claim that the gang worked alongside three Russian hackers, who provided them with banking usernames and passwords stolen through spyware.

The Russian hackers are said to have shared the password information of thousands of unsuspecting Turkish internet users in exchange for 10% of the money stolen.

Reports in the Turkish media say that hundreds of internet users began to complain about unexpected withdrawals from their online bank accounts in January. A 20-strong team of the Izmir Organized Crime Bureau investigated the case, discovered the IP addresses of the computers making the illegal transactions, and made simultaneous raids at different addresses in Izmir, Fethiye, Didim and Kusadasi.

"In recent years there has been a growth in the number of viruses and Trojan horses written specifically to steal banking information from web surfers. Spyware can silently hide on a user's computer waiting for them to type in their confidential information and then surreptiously share it with the hackers," said Graham Cluley, senior technology consultant for Sophos. "The Turkish authorities should be applauded for looking into this case so speedily, but this is just the tip of the iceberg. Phishing and spyware is a global problem, and all computer users need to defend themselves better against these kind of menaces if they want to continue to bank online safely."

Names of the three suspected Russian hackers have been shared with Interpol. Sophos experts noted in the Sophos Security Threat Report 2007 that Russia is one of the top producers of malware, accounting for 4.1% of all malware authored during the last year.

Sophos experts encourage all computer users to learn how to reduce the risk of having online banking information stolen from them. The firm also recommends that companies protect their desktops, servers and gateways with a consolidated solution to thwart the threats of viruses, spyware, phishing and spam.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at