Yuriy Igorevich Rybtsov, also known as MrICQ, was apprehended in Italy and is now in U.S. custody following a 2012 indictment for his involvement in the Jabber Zeus hacking group. Jabber Zeus, responsible for stealing millions from U.S. businesses, utilized a custom version of the ZeuS banking trojan to intercept financial data, primarily targeting small to mid-sized companies. The group’s operations included modifying the payroll systems of affected businesses and employing money mules to facilitate their thefts through indirect banking transactions.
Rybtsov’s arrest comes as part of a larger investigation into the group’s activities, which used sophisticated methods to target numerous victims. Details have emerged about their operational tactics, including intercepting one-time passcodes and exploiting vulnerabilities in the online banking process to maximize their haul. His extradition follows years of working with U.S. authorities after being identified as a key developer within the crime syndicate.
The Jabber Zeus crew was known for tools like ‘Leprechaun,’ which allowed them to capture sensitive information in real time. The investigation also involved insights from threat intelligence expert Lawrence Baldwin, who followed the group’s activities closely, providing crucial evidence and alerts to potential victims. This development may signal an intensified effort to dismantle one of the cybercrime landscape’s most notorious gangs.
👉 Read the original: Krebs on Security