Two Ukrainian nationals, Yuriy Konovalenko, 31, and Yevhen Kulibaba, 36 are in the dock. Konovalenko and Kulibaba were extradited from the United Kingdom. All of the defendants had been charged by a federal grand jury in August 2012 with conspiracy to participate in racketeering activity, conspiracy to commit computer fraud and identity theft, aggravated identity theft, and multiple counts of bank fraud. Court documents said that the defendants participated in an enterprise and scheme that installed the Zeus or "Zbot" on computers connected to the Bank of America, First National Bank of Omaha, Nebraska, the Franciscan Sisters of Chicago and Key Bank.
They nicked bank account numbers, passwords, personal identification numbers, RSA SecureID token codes and similar information necessary to log into online banking accounts. They then falsely represented to banks that they were employees of the victims and authorized to make transfers of funds from the victims' bank accounts, causing the banks to make unauthorized transfers of funds from the victims' accounts, the DoJ stated.
The defendants used US residents as "money mules" who received funds transferred over the Automated Clearing House network or through other interstate wire systems from victims' bank accounts. They then wired the cash overseas to the conspirators. Kulibaba allegedly operated the conspirators' money laundering network in the United Kingdom by providing money mules and their associated banking credentials to launder the money withdrawn from US-based accounts.
Konovalenko allegedly provided money mules' and victims' banking credentials to Kulibaba and facilitated the collection of victims' data from other conspirators. Four identified defendants have not been arrested. Three of them are from the Ukraine and one is from Russia. There are three others who have not been identified yet.