The Police Central eCrime Unit has arrested 19 people who police believe were involved in a fraud ring that netted millions of pounds from UK bank accounts.
The Metropolitan Police Central eCrime Unit (PCeU) said the 15 men and four women, who were arrested in London on Tuesday morning, are suspected of using the Zeus data-stealing Trojan to capture login details and gain access to online bank accounts. The gang allegedly stole around £6m in a three-month period from UK banks.
Police were alerted to the gang's alleged activities by the Virtual Taskforce, a group of financial institutions and academics that shares data about cybercrime, according to detective superintendant Charlie McMurdie.
"[The investigation] started as part of the Virtual Taskforce, with intelligence from the financial sector," McMurdie told ZDNet UK on Wednesday. "This was an attack, using Zeus, on thousands of victims."
McMurdie declined to name which UK banks' customers had suffered from the alleged theft, saying only that the banks were well known. The alleged attacks were not limited to the UK, she said, adding that the losses may have amounted to billions of pounds globally.
The Metropolitan Police said in a statement on Tuesday that it believed that once UK users' accounts were compromised, funds were transferred to mule and drop accounts controlled by the organisation. 'Mules' are people who, often unwittingly, transfer funds for criminal networks. A 'drop' account is an account that has been opened by a criminal to receive crime proceeds, normally using a false identity.
The 19 people were arrested on suspicion of offences against the Computer Misuse Act, the Proceeds of Crime Act, and the Fraud Act, and were taken to a number of central London police stations, where they currently remain in custody for questioning. Two of those arrested were also arrested on suspicion of possession of a firearm, said the police statement.
The Zeus data-stealing Trojan, which affects Windows computers, is now targeting mobile phones, according to security vendor Fortinet.