Russian hacker gang steals with impunity, says researcher

The Russian hacker gang using a Microsoft administration tool to steal passwords has cashed in big time for years, the researcher who has tracked the group's crimes said today.

A sampling of 11% of the stolen accounts found in one directory on the gang's command-and-control server found more than a quarter-million dollars at risk, said Joe Stewart, director of malware research at Atlanta-based SecureWorks Inc.

Stewart laid out that and more on Thursday as he detailed the inner workings of a cybercrime gang using the Coreflood Trojan horse to infect massive numbers of PCs, then sift through the machines for confidential information, including bank account numbers and passwords. "The one thing that they're looking for is larger accounts that they can clean out," said Stewart. "They haven't automated the money transfer part of the process, so they're looking for the biggest accounts to get the most money the quickest."