Three arrested in SpyEye malware investigation
The UK police arrested three men towards the end of last week in connection with an investigation into the use of SpyEye malware to steal online banking details. The investigation by the Police Central e-Crime Unit began in January and revolved around the group's use of a "uniquely modified variation of the SpyEye malware". The police did not reveal what the modifications were but SpyEye is designed to harvest personal banking details and send the results to a remote server under the control of criminals. The police say the arrests were in connection with an international investigation into a group using malware but did not reveal if arrests were made in any other countries.
According to a report in PC World, two of the men appeared in Westminster Magistrates Court in London. Pavel Cyganoc, a 26 year old Lithuanian, was charged with conspiracy to cause unauthorised modifications to computers, conspiracy to defraud, and concealing the proceeds of crime. Aldis Krummins, a 45 year old Latvian, was charged with conspiracy and concealing the proceeds of crime. A 26 year old man was released on police bail but is due to return for further questioning in August. His nationality was not revealed. Police also seized computer equipment and data as part of their investigation.
SpyEye malware was identified at the start of 2010 and appeared to have been in competition with ZeuS trojan toolkit technology until the ZeuS code was apparently handed over to SpyEye's developer. Efforts to thwart SpyEye have included the creation of trackers, but SpyEye appears to be getting more sophisticated in its techniques for stealing banking credentials.