UK police have charged 11 alleged members of a ZeuS Trojan e-banking ring on money laundering and fraud.
According to London’s Metropolitan Police, the group made £6m within three months by operating a network of bank robbing Trojan horse programs.
The virus not only logged keystrokes and collected user data but also carried out illegal banking transactions.
Using the malware’s ability to access bank accounts, they reportedly transferred money to accounts they control.
Customers of HSBC, the Royal Bank of Scotland, Barclays and Lloyds TSB were targeted in the scam.
"We believe we have disrupted a highly organised criminal network, which has used sophisticated methods to siphon large amounts of cash from many innocent peoples’ accounts," the Metropolitan Police said.
Among those arrested were web designer Yurit Korovalenko from the Ukraine, supermarket employee Ivars Poikans from Latvia and unemployed Aleksander Kusner from Estonia.
The trio are apparently not the masterminds of the plot, said security experts. The ZeuS software is sold on the black market and there are more than 160 command-and-control servers for the malware.
"There are between five and 10 top-tier groups" said Don Jackson, a researcher with security vendor SecureWorks.
"This group in the UK was not one of those top groups, but wanted to be one."
The group will appear in Westminster Magistrates’ Court on Thursday.