A Brooklyn man has pleaded guilty to charges as part of an FBI investigation into a banking malware and money mule scheme that has been running since 2015 and cost victims more than $1 million.
The plea from Vyacheslav Khaimov was for his role in the scam, which the FBI alleges involved attackers infecting victims’ machines with malware that gave them access to the victims’ bank accounts. The crew then used a variety of money mules and intermediate accounts to transfer the funds through the banking system and eventually into accounts the cybercrime group controlled. The FBI alleges that Khaimov received more than $230,000 in stolen money from this scheme.
“The proliferation of malicious software is a scourge on our society. Cybercriminal networks like the network that the defendant allegedly was a part of are responsible for pillaging innocent victims’ bank accounts and wreaking havoc on our financial institutions through the use of malware. They will be pursued and prosecuted to the full extent of the law,” said Robert Capers, United States attorney for the Eastern District of New York.
The government’s investigation into this cybercrime ring is still going on, and the FBI says that there have been more than $6 million in attempted losses as part of the scheme. The group comprises several members in various locations who used multiple bank accounts. One of the unidentified members of the group controlled more than a dozen accounts in three different countries, according to the complaint against Khaimov.
“Many of the intermediary bank accounts are opened by individuals referred to as ‘money mules’ or ‘mules.’ Based on my training and experience as well as this investigation, mules are typically unsuspecting individuals who believe they are working for a legitimate ‘work from home’ business. As part of their ‘employment,’ the mules are instructed, typically via email, to open a bank account and receive the funds that have been removed from victims’ bank accounts,” the complaint says.
“The mule is then provided further instructions as to where to send the money she/he has received. The FBI has learned from interviews and lawfully obtained emails that many of the mules involved in this scheme were recruited by an individual who identified himself as ‘Samuel Gold.’ Their communications were primarily via email or over the phone, and none of these individuals had ever met Samuel Gold.”
This operation is typical of the way that many cybercrime schemes run. The criminals who direct the use of the malware and set up the operation usually have several layers of money mules to insulate them from the actual theft. But law enforcement agencies have begun unraveling many of these groups by going after the lower-level money mules and working upward in much the same way as they have targeted drug organizations.