Police have arrested 19 people thought to be part of a gang that stole millions from online bank accounts using the infamous Zeus Trojan.
The Metropolitan Police Central e-Crime Unit (PCeU) believes that the gang of mostly East Europeans based in London had already stolen £6m from UK accounts, or around £2m per month, and could have taken as much as £20m in total.
According to the Daily Mail, the operation was highly sophisticated, involving a network of 'mule' accounts (real accounts used to withdraw money), and a mastermind described as being an 'IT expert'.
Police said that 600 UK bank accounts had been compromised but this is likely to be a low starting figure given the large sums quoted as having been stolen.
"We believe we have disrupted a highly organised criminal network, which has used sophisticated methods to siphon large amounts of cash from many innocent people's accounts, causing immense personal anxiety and significant financial harm," Detective ChiefInspector Terry Wilson of the Metropolitan Police was quoted as saying.
The arrests are the latest chapter in an ongoing investigation into a sudden and worrying surge in attacks over the summer on UK bank account customers using the Zeus/Zbot Trojan.
Even by the ever-present standards of malware crime, Zeus has risen to become probably the single most unpleasant threat internet users with online bank accounts the world over.
Only weeks ago, police arrested six people accused of using the same Zeus malware to target online bank accounts in the UK, stealing several million pounds from accounts and credit cards. It is not clear whether the new arrests are connected to this investigation or different part of what has become a serious problem.
The Zeus Trojan is prolific enough that it could probably support an entire e-crime news service on its own.
In August, a security company discovered evidence that the malicious program had infected as many as 100,000 PCs in the UK alone, while only days later a second security vendor discovered details of 3,000 UK online bank account users on a hacked server.
Attempts to spread the malware continue apace, including this week's spam attack on users of the LinkedIn social network service. This particular attack was clearly aimed at stealing logins for online business accounts.
"While this is definitely good news, it really is a drop in the ocean when you consider the sheer number of criminals out there constantly launching a variety of attacks on banks," said Mel Morris, CEO of internet security company, Prevx.
"Malware has evolved thanks to a level of professionalism from malware writers now being more than equal to that of security vendors if not more innovative. These criminals' techniques are so advanced that they are able to quickly spot weaknesses in most defences by using centralised intelligence gathered from analysis of the antimalware development models of traditional vendors to fly under the radar of malware detection. Subsequently, mainstream security technologies are reacting to threats instead of being one step ahead of the criminals."
Morris added that tfor the unlucky few who are targeted, this malware is able to steal vast amounts of information right under the nose of the majority of security products on the market.
"If we fail to act now, criminals will continue to reap the rewards while the industry merely bites at their heels."
See also: Zeus botnet hits 100,000 UK computers