Ukrainian sting targets Conficker fraudsters

The Ukrainian security service believes it has broken up a gang involved in a Conficker bank fraud worth millions of dollars, after a series of international raids.

Police from the UK, US, the Netherlands, France, Germany, Cyprus and Latvia participated in the raids on Tuesday, which brought in around 30 servers suspected to have been part of the Conficker botnet set-up. The State Security Service of Ukraine (SBU) said on Thursday that it has interviewed 16 people about the alleged fraud, and Latvian police arrested two people during the raids.

In addition, law enforcement agencies seized more than 40 bank accounts in Latvia and Cyprus, the Ukrainian agency said. The alleged fraud is believed to have taken in $72m (£45m).

Conficker was used to access bank accounts around the world by setting up a backdoor on victims' computers via scareware, Vitaliy Hlevytskyy, SBU's head of counter-intelligence information security, said in a statement.

"Attackers launched a virus that affected computers and offered an antivirus program, which contained another virus, which, in turn, allowed [the attackers] to obtain credit card data," said Hlevytskyy. "This is the first operation in combating cybercrime of this scale."

The alleged hackers set up commercial structures to transfer funds and launder money, the SBU said. The agency worked closely with the FBI and the US Department of Justice to prepare the raids.

Conficker, also known as Downadup and Kido, first surfaced in 2008. It exploits a Microsoft Windows vulnerability to build a network of compromised computers.