Yesterday night, VirusList (a newsletter run by Kaspersky) quoted an article from the turkish website Sabah that seemed to be really interesting : Russian connection in Turkish cybercrime investigation.

The article detailed a bunch of arrests conducted in Turkey: 17 people that siphoned between 300 and 500k$ in a few weeks from various banking accounts.

Investigations and arrests have been conducted by the Izmir Organized Crime Bureau. Who??? Never heard of them, but the article explains how this obscure taskforce has been able to obtain the identities of the thieves : well, the pirates logged to the banking website with their real IP addresses... Sometimes you are very lucky with your investigations, right?

According to the article, stolen banking credentials have been provided by three russian hackers that requested a 10% commission from the turkish withdrawals.
I first thought this was the same journalist mellow such as with Nordea (I blogged on this a few days back), but some details are confusing:

The police found computer equipment, fake passports, credit cards and unregistered weapons at what is believed to have been the headquarters of the -turkish- gang.

With unregistered weapons, these are not the usual turkish defacers, neither the traditional cybercrime groups. Better sounds like the brazilian cybercrime scene, where we sometimes find a hacker full of bullets.

We have observed a sustained growth of banking cybercrime by turkish pirates for the last few months. I'll put that in my PowerPoint presentations.