A Barclays bank employee in London has been sentenced to six years and four months in jail for his role in a scheme to launder money stolen using the Dridex banking Trojan.
Jinal Pethad, 29, worked with money launderers Pavel Gincota and Ion Turcan to set up 105 fraudulent bank accounts for them, in an attempt to launder over £2.5 million ($3.34 million).
To ensure that the bank’s security processes didn’t block the stolen funds, Pethad was managing the accounts personally, the UK’s National Crime Agency says.
The individual was arrested in November 2016, one month after Gincota and Turcan were jailed for the conspiracy. Pethad pleaded guilty last week to conspiring to launder money between 2014 and 2016.
When searching Pethad’s home, NCA officers found over £4,000 ($5,300) in cash, 7 luxury watches, and 3 mobile phones that had been used to communicate with Gincota. Text messages on one of the phones revealed that Gincota and Pethad were making arrangements to open fraudulent accounts.
“Jinal Pethad abused his position of trust at the bank to knowingly set up sham accounts for Gincota and Turcan, providing a vital service which enabled them to launder millions. Using his knowledge of the financial system, he made sure the stolen money was not blocked before entering these accounts, and provided the pair with reports to evidence his efforts and maintain the criminal relationship,” Mark Cains from the NCA’s National Cyber Crime Unit, said.
Dridex, the malware used to steal the laundered funds, is a successor of the Cridex Trojan, has been around for several years and is currently one of the most prolific banking Trojans out there.
Not only did Dridex survive a takedown attempt in October 2015, but its activity has increased since. Last year, the actors behind Dridex launched the Locky ransomware and have been operating both ever since.