Malware criminals change company bank account to obtain €900,000

Garda questioning two men in west Dublin as part of investigation into online fraud

gardaí have arrested two men and seized €900,000 as part of an investigation into a sophisticated online fraud. The men are being questioned at Blanchardstown Garda station.
gardaí have arrested two men and seized €900,000 as part of an investigation into a sophisticated online fraud. The men are being questioned at Blanchardstown Garda station.

Gardaí have arrested two men and seized €900,000 as part of an investigation into a sophisticated online fraud.

A European company was infiltrated with malware software and the details of a bank account to which they lodge VAT payments was secretly changed.

It meant when the company made a VAT payment the money was lodged into an account controlled by criminals behind the malware attack on the company.

The men arrested by the Garda are alleged to be members of the criminal network involved. The suspects are aged 31 and 67 years and are foreign nationals.

READ SOME MORE

Over €900,000 has effectively been frozen in an Irish bank account before the criminals involved could put it out of reach of law enforcement authorities.

However, it was unclear whether that cash frozen in a bank account represents the entire sum of money the company was fraudulently induced to send to the wrong account.

The men arrested are based in Ireland and their alleged role in the fraud, including having control of the recipient bank accounts, was run from the Republic.

The two suspects were arrested in Dublin on Tuesday morning by the Garda's Money Laundering Investigation Unit. It is part of the Garda National Economic Crime Bureau.

Both suspects were detained under Section 4 of the Criminal Justice Act and can be detained for up to 24 hours without charge. They are being quizzed at Blanchardstown Garda station.

gardaí are working on the theory that malware was used to access an electronic database of the company that was due to make the VAT payment.

That malware attack enabled the issuing of a request to change the true recipients bank account details. And when the VAT payment was made by the company, it went to a bank account controlled by the criminals rather than the true recipients bank account.

The Garda said that once the funds were received there were a number of onward transactions, both within the Republic and outside it. Such transactions are normally done rapidly to scramble the money trail before a criminal investigation has time to act.

However, with the cooperation of a financial institution, in excess of €900,000 was effectively frozen by the Garda during that period between a money transfer leaving one bank account and being officially received by another.

Conor Lally

Conor Lally

Conor Lally is Security and Crime Editor of The Irish Times