Ukraine’s security service SBU said on Thursday it had helped the U.S. Federal Bureau of Investigation and other law enforcement organizations disrupt a cybercrime ring that cost the banking industry more than US$72 million using Conficker, a fast-spreading worm unleashed in 2008.
The SBU said it had interviewed 16 people so far following an international law enforcement investigation into fake antivirus software and online banking fraud. The interviewees indicated they allegedly used the Conficker worm to spread antivirus software, according to a translation of a news release from the SBU. Nineteen raids were conducted on Tuesday in the Ukraine, the SBU said.
Conficker, also known as “Downadup,” was one of the most severe computer security problems in recent years. It took advantage of a vulnerability in Microsoft’s software, infecting at least 3 million PCs and possibly as many as 12 million, forming a massive botnet.
The problem grew so bad that a group of companies and organizations formed the Conficker Working Group in late 2008 to research the malware and find ways to block it. In February 2009, Microsoft offered $250,000 as a reward for information that lead to the conviction of the person or people who wrote Conficker.
On Wednesday, the FBI said it had worked with law enforcement agencies in the U.K., the Netherlands, Latvia, Germany, France, Lithuania and Sweden to take down two Latvian cybercrime gangs. The groups allegedly made tens of millions of dollars by sneaking fake virus warnings onto victims’ computers and then sometimes charging more than $100 for software that supposedly fixed the problems.
One of the Latvian gangs infected 960,000 computers, costing users $72 million, the same figure as referred to by the Ukrainian authorities on Thursday. The two people arrested in Latvia — Peteris Sahurovs, 22, and Marina Maslobojeva, 23 — both face wire fraud and computer fraud charges in the U.S.