The past weeks have brought great news about police success in catching a group of cybercriminals operating in the United Kingdom. The Police Central e-crime Unit (PCeU), which was created in 2008 and is responsible for fighting cybercrime in the UK, announced the arrests of three people who were charged in connection with alleged online banking crimes. The PCeU gave limited details about the crimes, but did provide information about their basic scheme. The suspects are accused of using malware (malicious computer code) to infect computers and steal private banking information. This information could then easily be used to steal from personal bank accounts.
The alleged cybercriminals in this case are believed to have used a new malware toolkit called “SpyEye.” In late December 2009, a new criminal toolkit emanating from Russia, known as SpyEye, started to appear for sale on Russian underground forums. Initially being sold for $500, SpyEye continues to grow in popularity with cybercriminals. New updated versions of SpyEye are released regularly. SpyEye is similar to the more widely known “Zeus” toolkit and includes some basic features such as a “keylogger” that can read the key strokes on a victim’s computer and tools to capture images of victim’s computer screens.
Earlier this year, there was significant media coverage of a large number of arrests made in the US and Europe of gangs suspected of using the Zeus toolkit. Zeus remains a very popular tool for cybercriminals. However, the emergence of SpyEye and these recent arrests shows that cybercriminals adapt quickly. Law enforcement success against the recent Zeus gang may have actually driven other cybercriminals to focus on using SpyEye or similar more advanced tools. Toolkits like SpyEye also demonstrate the ease with which an individual can become a cybercriminal. With a basic understanding of how to access a chatroom and $500, a cybercriminal can obtain a SpyEye toolkit. This provides most of the basic tools necessary to steal victim identities and bank account information.
The recent arrests by UK police of this SpyEye gang are still very good news. Eliminating cybercrime requires the success of law enforcement in cases like this. The increasing sophistication and complexity of cybercriminal tools, like SpyEye, also means that law enforcement needs to quickly adapt to the latest threats and tools created by cybercriminals.