Hacker “soldier” steals $3.2 million from U.S. companies

16 09 2011

I was going to do my blog on “Password selection vital in foiling hacker”, by Ced Kurtz from the Pittsburgh Post-Gazette, but today I came across a very interesting article from SC Magazine written by Angela Moscaritolo. (You should still check out the Password selection post though.) The article is about a hacker who goes by the cybercriminal underground name “soldier”. Jamz Yaneza, a researcher at the anti-virus firm Trend Micro, is the person who spoke to SC Magazine about the hacker “soldier”. Yaneza told SC Magazine that “soldier” has stolen 3.2 million dollars from major U.S. corporations. According to Trend Micro’s ongoing investigation, the attacker is believed to be in his early 20s and to live in Russia.

According to the article, “soldier” was collaborating with accomplices in West Hollywood and Venice, California. The attacks did not target a specific group of organizations; victims ranged from the U.S. military, banks, airports, and media and technology firms to educational and research institutions. The attacks mostly hit organizations, but a number of home users were also affected. The majority of the victims were in the United States, but smaller numbers were spread across some 90 countries.

Tools such as SpyEye and Zeus were used to steal the millions of dollars. These toolkits are sold on the black market, which is where Yaneza thinks the young hacker acquired them, and Yaneza believes the attack relied heavily on them. Around January, “soldier” started using Zeus to compromise users’ systems via drive-by downloads, which happen when you simply visit a website or click on an e-mail attachment and software is downloaded without your intending it. Once a system was compromised, it was infected with banking Trojans that automate the process of conducting online banking fraud. The malware can siphon small increments of money out of bank accounts at a time without users noticing. To increase the number of infected computers under his control, the hacker also leased machines from other criminals. According to Trend Micro researchers, he compromised about 25,000 systems; 57 percent of them were running Windows XP, and some 4,500 were running the latest Windows operating system, Windows 7. According to Yaneza, programs like these are routinely used to steal credentials for high-profile sites such as Facebook, Yahoo, Google, eBay, Amazon, Twitter, PayPal and Skype. The investigation is still going on and the federal government is getting involved, according to the article.
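The “small increments … without users noticing” detail is the part a defender can act on: a per-transaction alert threshold never fires, so the fraud has to be caught by aggregating small transfers per account over time. The following is an added illustration written for this post, not code from the SC Magazine article or from Trend Micro. The transfer records, the $1,000 per-transaction threshold, the $500 “small transfer” cut-off, the seven-day window and the minimum count of four are all constructed assumptions chosen to make the point, not figures from the investigation.

```python
"""Contrast per-transaction alerting with per-account aggregation of small transfers.

Added example for this blog post; the data and thresholds below are constructed
assumptions, not details from the article or from Trend Micro's investigation.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Transfer:
    account: str       # victim's account identifier (constructed)
    beneficiary: str   # receiving account, e.g. a money mule (constructed)
    amount: float      # USD
    when: datetime


# Constructed sample ledger (not real data):
#   ACCT-1001 is drained in six payments of $180-$240 over six days (low-and-slow pattern).
#   ACCT-2002 makes one large, legitimate $4,500 payment.
#   ACCT-3003 makes a few small payments spread over weeks (normal behaviour).
SAMPLE = [
    Transfer("ACCT-1001", "MULE-77", 190.0, datetime(2011, 1, 3)),
    Transfer("ACCT-1001", "MULE-77", 210.0, datetime(2011, 1, 4)),
    Transfer("ACCT-1001", "MULE-77", 180.0, datetime(2011, 1, 5)),
    Transfer("ACCT-1001", "MULE-77", 240.0, datetime(2011, 1, 6)),
    Transfer("ACCT-1001", "MULE-77", 205.0, datetime(2011, 1, 7)),
    Transfer("ACCT-1001", "MULE-77", 195.0, datetime(2011, 1, 8)),
    Transfer("ACCT-2002", "VENDOR-1", 4500.0, datetime(2011, 1, 5)),
    Transfer("ACCT-3003", "GROCER", 45.0, datetime(2011, 1, 2)),
    Transfer("ACCT-3003", "UTILITY", 120.0, datetime(2011, 1, 10)),
    Transfer("ACCT-3003", "GROCER", 60.0, datetime(2011, 1, 20)),
]

PER_TX_THRESHOLD = 1000.0  # assumed single-transaction alert level


def per_transaction_alerts(transfers, threshold=PER_TX_THRESHOLD):
    """Naive control: alert only on individual transfers at or above the threshold.

    Returns the list of flagged transfers. Small-increment siphoning never appears here.
    """
    return [t for t in transfers if t.amount >= threshold]


def aggregate_alerts(transfers, window=timedelta(days=7), max_single=500.0,
                     min_count=4, total_threshold=1000.0):
    """Aggregation control: flag an account when at least `min_count` transfers, each
    below `max_single`, fall inside a sliding `window` and sum to `total_threshold`
    or more.

    Returns {account: (transfer_count, total_amount)} for the densest window found.
    """
    small_by_account = defaultdict(list)
    for t in transfers:
        if t.amount < max_single:
            small_by_account[t.account].append(t)

    flagged = {}
    for account, txs in small_by_account.items():
        txs.sort(key=lambda t: t.when)
        start = 0
        for end in range(len(txs)):
            # Slide the window start forward until it fits within `window`.
            while txs[end].when - txs[start].when > window:
                start += 1
            count = end - start + 1
            total = sum(t.amount for t in txs[start:end + 1])
            if count >= min_count and total >= total_threshold:
                previous = flagged.get(account)
                if previous is None or total > previous[1]:
                    flagged[account] = (count, round(total, 2))
    return flagged


if __name__ == "__main__":
    print("per-transaction alerts:", [(t.account, t.amount) for t in per_transaction_alerts(SAMPLE)])
    print("aggregate alerts:", aggregate_alerts(SAMPLE))
```

Run stand-alone, the per-transaction check flags only the single $4,500 payment from ACCT-2002, while the aggregation check flags ACCT-1001 for six small transfers totalling $1,220 inside a week and leaves the normal account alone. The point is not the specific thresholds, which any real deployment would tune against its own baseline, but that a control built around one transaction at a time is exactly what “small increments” is designed to slip past.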

This was an attention-grabbing case, and personally I only see situations like this one on shows like Burn Notice. The two programs discussed in the article are so unorthodox that, Yaneza said, they can only be purchased on the black market. This redefines the reason I got involved in information security. There are many who try to exploit not just small systems but large and complex ones too, and I want to be involved in protecting victims and potential victims from hackers like ‘soldier’.


Angela Moscaritolo. “Hacker ‘soldier’ steals $3.2 million from U.S. companies.” SC Magazine, September 15, 2011. http://www.scmagazineus.com/hacker-soldier-steals-32-million-from-us-companies/article/212070/



