SpyEye criminal toolkit once again shows its power to cause harm

Sep 16, 2011 08:33 GMT

A Russian cybercriminal codenamed “Soldier” has managed to steal more than $3 million over the course of 6 months from U.S. organizations and individuals, aided by two American accomplices and numerous money mules.

Trend Micro has been investigating the hacker, who is believed to be a 20-year-old from Russia.

With the help of a few criminal tools and accomplices in the U.S., he managed to steal $17,000 each day from the owners of the infected machines.

ZeuS and SpyEye were among the tools he used to pillage the bank accounts of those who found themselves in the path of his malicious operations.

The research reveals that a close look at the IP addresses involved in the attacks shows the majority of victims residing in the United States, with 10 percent of them spread across 90 other countries around the world.

It is believed that companies were not initially targeted, but because the infected computers were housed in them, they may have fallen victim to other hackers who wanted to steal confidential data from them.

All sorts of organizations were affected, including government, military, educational and finance-related ones, and as we've seen in recent events, it cannot be excluded that they were also hit by state-funded spies.

In the final months of the investigation, close to 25,000 devices were compromised by the botnets planted by the hacker, with Windows apparently the most exposed platform. Not even the more secure Windows 7 withstood the attacks: almost 5,000 of the infected computers were running it.

The SpyEye variant used is detected as TSPY_SPYEYE.EXEI, and it spied not only on bank accounts but also on other accounts, including Facebook, Yahoo, Google, eBay, Amazon and PayPal.

Trend Micro is currently notifying victims of the attacks and is working to understand how these operations take place, with the aim of preventing future incidents of this kind.