Police in the Turkish city of Izmir have arrested 17 members of a gang who allegedly broke into online bank accounts and stole £158,000 from internet users.
Law enforcement agencies claim that the gang worked alongside three Russian hackers, who provided them with banking usernames and passwords stolen through spyware.
The Russian hackers are said to have shared the password information of thousands of unsuspecting Turkish internet users in exchange for 10% of the money stolen.
Turkish media reports say that hundreds of internet users began to complain about unexpected withdrawals from their online bank accounts in January.
A 20-strong team of the Izmir Organised Crime Bureau investigated the case, discovered the IP addresses of the computers making the illegal transactions, and made simultaneous raids at different addresses in Izmir, Fethiye, Didim and Kusadasi.
Graham Cluley, senior technology consultant for internet security firm Sophos, said, "In recent years there has been steady growth in the number of viruses and Trojan horses written to steal banking information from web surfers.
“Spyware can hide on users' computers, waiting for them to type in their confidential information, and then surreptitiously share it with hackers," he said.
"The Turkish authorities should be applauded for looking into this case so speedily, but phishing and spyware is a global problem, and requires a global clampdown.”
The names of the three suspected Russian hackers have been shared with Interpol.
Sophos estimates that Russia is one of the top producers of malware, accounting for 4.1% of all malware created during 2006. The US and China are well ahead of the field however.
David Lacey’s security blog
The latest ideas, best practices, and business issues associated with managing security
Stuart King’s risk management blog
Dealing with the operational challenges of information security and risk management
Comment on this article: [email protected]