Downers Grove association that helps disabled targeted by international cyber-thieves

By Chuck Goudie and Ross Weidner and Barb Markoff
Friday, May 17, 2019
ABC7 Investigative Reporter Chuck Goudie and the I-Team look into a suspected overseas cyber gang that has allegedly penetrated thousands of U.S. computer systems.

There are 5,900 miles between Downers Grove, Illinois, and Tbilisi, Georgia.

But for a group of foreign cybercriminals, Chicago's western suburbs were just a few seconds and a few computer keystrokes away, according to U.S. investigators.

A new federal indictment states the men from Russia, Georgia, Bulgaria and other parts of that region used "GozNym malware to steal millions of dollars from victims in the United States, primarily businesses and their financial institutions."

Among the victims described in Thursday's Pennsylvania indictment is "an association dedicated to providing recreation programs and other services to persons with disabilities located in Downers Grove, Illinois."

The ABC7 I-Team has learned the name of that association is Seaspar, a regional not-for-profit park district currently serving 1,200 children and adults with disabilities in 12 communities.

The indictment charges that, from October of 2015 through December of 2016, Viktor Vladimirovich Eremenko, a.k.a. "nfcorpi"; Vladimir Gorin, a.k.a. "Voland", "mrv" and "riddler"; Farkhad Rauf Ogly Manokhin, a.k.a. "frusa"; Konstantin Volchkov, a.k.a. "elvi"; Ruslan Vladimirovich Katirkin, a.k.a. "stratos" and "xen"; and five others allegedly conspired to infect victims' computers with a malware program designed to loot their bank accounts.

The cyber thieves allegedly tried to drain Seaspar's bank accounts of nearly $110,000 by using association banking credentials to transfer funds, according to the indictment.

Seaspar's executive director told the I-Team that association officials were alerted to the odd, unauthorized transfer because the money was destined for a bank in Tbilisi, Georgia, and they don't have a relationship with that or any other foreign bank.

Seaspar executives contacted Downers Grove police and the FBI became involved. The association, founded in 1976, did not lose any money, according to its executive director.

They are among the lucky ones. By hacking into more than 41,000 computers worldwide, cyber gang members in four nations used the GozNym malware to steal $100 million.

Seaspar managers say they have no idea why their organization was targeted. Other victims in the U.S. included an asphalt paving company in Pennsylvania, a horse stud farm in Kentucky, a law firm in Washington, D.C., a church in Texas, a medical supply company in Florida and a furniture company in California. Even a casino in the resort town of Gulfport, Mississippi, was hit.