An online banking malware scam netted criminals $1.2m in stolen funds – and now one of the ringleaders is now facing hard time in the big house.
In August 2015, a Long Island online banking customer had $44,000 moved out of their account after a software nasty infected their PC and stole the account's login credentials. The FBI traced the transfer to a money mule, who forwarded on $42,500 to Vyacheslav Khaimov, 55, a worker at G&P Sports World by day. Within five days Khaimov, of Brooklyn, New York, had forwarded $24,580 of the money to a Thai bank account.
This theft led to a deeper investigation that showed Khaimov was a key figure in a number of banking thefts involving malware. In all the Feds estimated that $230,000 passed through his hands as part of a banking trojan ring that netted $1.2m in ill-gotten gains. Agents reckon the crooks attempted to swipe as much as $6m total.
"The proliferation of malicious software is a scourge on our society. Cybercriminal networks like the network that the defendant allegedly was a part of are responsible for pillaging innocent victims' bank accounts and wreaking havoc on our financial institutions through the use of malware," said US Attorney for the Eastern District of New York Robert Capers.
On Friday, Khaimov pleaded guilty to five charges including wire and banking fraud, conspiracy, and money laundering. While he awaits sentencing, the Feds are on the lookout for a Samuel Gold, who was responsible for hiring the money mules that funneled funds to Khaimov.
Those mules interviewed by the FBI claimed they had been hired by Gold to pass on money in exchange for a small commission. Khaimov then sent the funds on to two front companies, Reality Management Corp and First California, both of which were registered in Gold's name.
The court documents [PDF] show a clear link between Gold and Khaimov. What isn't clear is if Gold is an actual person or a fictitious creation of the thieves.
"Modern-day bank robbers no longer need a gunman and a getaway driver. Today, they just need a malware operator and money mules to carry out their crime from anywhere in the world," said FBI Assistant Director-in-Charge William Sweeney.
"This is an ongoing investigation conducted by the FBI's Cyber Task Force. We will continue to investigate all co-conspirators and bring them to justice." ®