This article is more than 1 year old

Kingpin in $1m global bank malware ring gets five years in chokey

Cyber-crim nabbed after he used home IP address to empty victims' accounts

A villain at the heart of an organized crime network that stole £840k ($1m) from victims' online bank accounts has been jailed.

Tomasz Skowron, 29, of Meredith Road, Worthing, England, was sent down for five years and three months on Monday at Croydon Crown Court, after pleading guilty to conspiracy to defraud, fraud, and money laundering offenses.

The crook was in a gang of internet banking thieves, who in 2014 infected computers with malware that drained online accounts into criminals' pockets. Several companies in Australia were among victims robbed by the cyber-bandits' software nasty.

Cops were alerted by banking officials to several fraudulent transfers from customers of the Commonwealth Bank of Australia to British bank accounts. A number of those dodgy payments involved a system using a single public IP address – which was traced back to Skowron's home address.

Just over two years ago, on December 9, 2014, detectives seized electronic devices from Skowron's property, including computers and phones. Forensic analysis of the nabbed gear found messages confirming the man's involvement in arranging for fraudulent payments to be siphoned through various "money mule" bank accounts.

Investigators also linked Skowron to two separate cyber attacks against UK construction companies, although he was not convicted of any hacking offenses. The building firms reportedly fell victim to man-in-the-middle attacks back in April 2014, when employees unwittingly downloaded malware onto their employers' systems, allowing fraudsters to swipe those businesses' online banking passwords.

This information was used to log into the victims' bank accounts and make fraudulent transfers into accounts owned or controlled by the criminal network.

The two construction companies lost about £500k as a result of these malware infections, and approximately £39k of that stolen cash had been transferred into a bank account Skowron had opened himself just nine days before the fraud took place. After further probing, Skowron was collared and charged in June 2016.

Detective Constable Jody Stanger, who led the case, said: "Skowron played a significant part in a wider criminal network that was responsible for several high-value frauds using malware."

"The proceeds of this fraud were then laundered through an organised money mule network," Stanger continued. "This conviction and sentence is the culmination of a long and complex investigation and shows that we will relentlessly pursue criminals involved in serious and organised crime online." ®

More about


Send us news

Other stories you might like