Two U.S. Law Firms Lost $117,000 to Cybercriminals

Shot from the Back to Hooded Hacker Breaking into Corporate Data Servers from His Underground Hideout. Place Has Dark Atmosphere, Multiple Displays, Cables Everywhere.
By William Vogeler, Esq. on May 23, 2019 1:02 PM

Two more law firms fell victim to cybercrime, losing about $117,000 through malware on their computers.

The cyberthieves used a malicious program to infect computer systems and capture banking login credentials. They also created look-alike internet pages for the victims' financial institutions, then accessed bank accounts to transfer money out and convert it to bitcoin.

Losing $117,000 is not the end of the world for most law firms, but it is hard to explain to clients. It's even harder to attract new clients if your firm is not cybersecure.

'Quicken Billpay'

The story came out in a federal indictment and press release. The Department of Justice did not identify the law firms, but said they were victims of an international cybercrime network that tried to loot an estimated $100 million from businesses primarily in the United States. The government named defendants from Russia, Georgia, Ukraine, Moldova, and Bulgaria.

According the indictment, the conspirators sent a phishing email to a D.C. law firm from the "Quicken Billpay Center." It directed the recipient to click on a link to view an invoice, which then downloaded the GozNym malware onto the firm's computer. Days later, one of the defendants used the recipient's credentials to access an account at Bank of America. The cyberthieves got $76,178.

The criminal enterprise also used the malware to capture banking credentials at a Massachusetts law firm. The hackers got into a Brookline Bank account, and transferred out $41,000. The American Lawyer said law offices are "a favorite target for hackers" because lawyers often possess valuable information. In this case, however, apparently the cybercriminals were more interested in money.

'Tens of Thousands of Computers'

According to reports, the malware was used to infect "tens of thousands of computers worldwide." The Associated Press said ten people, including five Russian fugitives, took remote control of the computers to siphon funds from victims' bank accounts. In addition to duping the law firms, the defendants hacked into a church in Texas, a furniture company in California, a casino in Mississippi, a contractor in Michigan, and many other businesses throughout the United States.

Scott Brady, a U.S. attorney in the case, said the case illustrates how cybercrime works on the world stage. He said it also shows that it takes cooperation among international authorities to fight cybercriminals. "It represents a paradigm change in how we prosecute cybercrime," Brady said.

In the legal sphere, the case is another example of the growing threat from hackers. According to one survey last year, about one-fourth of law firms were hacked.

Related Resources: