A Russian cybergangster who openly tried to recruit a hacker army for an online crime spree against U.S. banks and their customers posted a Web video of himself showing off luxury cars, a newly built suburban home and other ill-gotten gains, all the while boasting that he is untouchable.
He also has claimed to have drained $5 million from U.S. banks through his online crime spree.
The bizarre video highlights the growing audacity and brazenness of Internet criminals based abroad but targeting bank customers and businesses in the United States.
The FBI is investigating about 230 cases of electronic fraud against U.S. banks involving the attempted theft of more than $255 million and the actual loss of about $85 million, spokeswoman Jenny Shearer said.
She declined to comment on the gangster’s claims, but security specialists say top cybercriminals can reap up to $150,000 a month and face little risk of arrest.
“If you accurately target [bank] customers in the USA while being in Russia then you can fear nothing while living in your country,” wrote the gangster, who uses the online alias “vorVzakone.”
His nickname is a Russian slang word literally meaning “Thief-in-Law” but also implying untouchability and perhaps better translated as “Made Man” or “Mafia Don.”
In a post last month on a Russian-language private Internet forum for cybercriminals, vorVzakone said he is trying to recruit 100 partners for an online crime wave he called Project Blitzkrieg.
Applicants who passed online interviews would get copies of a special crimeware package, he said. They also would get instructions on how to use the package to take over and drain accounts at 30 U.S. banks.
Crimeware packages are specially written malicious software programs that can infect computers through email or the Internet and allow hackers to steal personal identities, bank accounts and private data.
“Since 2008 by using this product not less than $5m was transferred just by one team,” vorVzakone wrote, although some security analysts were skeptical about this figure.
Project Blitzkrieg was first highlighted this month by researchers at the security firm RSA, who dubbed the crimeware package “Gozi Prinimalka.”
“This is the first time we’ve seen a cybergang reach out” to try to recruit cybercriminals online, said Mor Ahuvia, a cybercrime specialist at RSA. “That’s what makes this special.”
The aim is to set up “hacking cells” financed by individual investors who pay thousands of dollars for the crimeware they need, she said, calling the pitch a form of cybercrime “network marketing.”
His efforts to recruit a cybergang highlight the extent to which criminal activities online have been commercialized with crimeware packages for sale to anyone who can use a computer.