An international cybercrime gang is currently on the loose, orchestrating attacks on major U.S. corporations and government organizations to the tune of $3.2 million in the first six months of the year, or $17,000 a day.
The criminal syndicate is believed to be headed by a Russian man in his early 20s who goes by the name "Soldier," according to the security firm Trend Micro, which has been investigating the gang's exploits.
Soldier, Trend Micro said, deploys the SpyEye and Zeus banking Trojans to compromise and penetrate the servers of primarily U.S. targets, including local, state and federal government organizations, the U.S. military, educational and research institutions and banks, among other victims.
Soldier also has a botnet — a vast array of "zombie" computers whose owners don't know they've been hijacked by malware — under his control, which compromised approximately 25,394 systems between April 19 and June 29, 2011, Trend Micro wrote. The gang has also nabbed security credentials from companies including Facebook, Google, eBay, Amazon, Skype, Twitter and PayPal.
"Compromise on such a mass scale is not that unusual for criminals using toolkits like SpyEye, but the amounts stolen and the number of large organizations potentially impacted is cause for serious concern," Trend Micro said.
Experts believe Soldier isn't acting alone. According to Trend Micro, the gang's leader employs a team of money mules as well as two main accomplices, one based in West Hollywood, Calif., and the other in nearby Venice Beach.
Trend Micro said it is informing the victims of its findings.