They are suspected of stealing $250 million (193 million EUR) in Ukraine and Russia alone

Apr 5, 2013 07:06 GMT  ·  By

The Russian Federal Security Service and the Security Service of Ukraine have arrested several individuals believed to be involved in the development of the notorious banking Trojan dubbed Carberp.

Last month, experts from security firm ESET reported that the Carberp malware family was still evolving, despite the fact that a large number of individuals responsible for operating the botnet were arrested in the past months.

It will be interesting to see if this latest series of arrests will have any impact on the Trojan’s evolution.

According to Ukrainian publication Kommersant, the cybercriminal ring – comprising around 20 members, most of them aged between 25 and 30 – is responsible for stealing $250 million (193 million EUR) in Ukraine and Russia alone.

Authorities report that the criminals utilized the malware to steal sensitive information from the computers of various companies. They used the stolen data to transfer money from the accounts of the targeted firms to ones they controlled.

Reportedly, 30 Ukrainian companies have been impacted.

The suspects have been apprehended in various Ukrainian cities, including Kiev, Odessa, Lviv and Kherson. The mastermind of the operation is believed to be a 28-year-old from Russia.

The members of the gang worked remotely, each being tasked with a certain part of the development process.

The Security Service of Ukraine is currently analyzing the computers seized from the suspects.

Some of them have been released on bail, while others are under house arrest. If found guilty, they face up to five years in prison.

While Kommersant doesn’t mention Carberp as being the piece of malware utilized by the cybercriminals to make all that money, security researcher Aleks Gostev of Kaspersky has confirmed that Carberp’s alleged developers and its mastermind are the ones arrested in Ukraine.