Ukrainian authorities co-operating with US and UK law enforcement agencies have detained the suspected leaders of an international ring accused of stealing $70m from online bank accounts, crippling what was allegedly one of the most successful operations in the short but lucrative history of cybercrime.

Five alleged “key figures” in the Ukraine were quietly picked up on Thursday by the SBU national intelligence service, an agency spokeswoman confirmed after the publicised arrests of dozens of suspected lower-level players in the US and UK.

In Washington on Friday the FBI praised the SBU for its help in a case that began in May 2009, saying the two “have forged a strong partnership to target cybercriminals around the world”.

The case provided fresh hope to law enforcers and banks long frustrated by inquiries that hit a dead-end in eastern Europe, where many of the most successful cybercriminals are based. “If a group that takes in $70m a year and lives in the Ukraine can’t buy protection, that’s a good message to send,” said private security expert Don Jackson of SecureWorks, which protects banks and helped the FBI in the case. “I feel like dancing.”

The FBI said the five in Ukraine were “key subjects responsible” for the overarching scheme, which allegedly used malicious software called the Zeus Trojan, typically spreading it through malicious attachments to e-mails. When those attachments are opened, Zeus installs itself on the victim’s computer and records financial acc­ount numbers and passwords. People working on the inquiry said the five did not include the original author of Zeus, who Mr Jackson said lived in Russia. But they are alleged to be by far the largest customers of the author, the ones who funded steady improvements in the program. The Ukranian suspects were released pending further investigation, an FBI official said.

Be alerted on News

Copyright The Financial Times Limited 2018. All rights reserved.

Comments have not been enabled for this article.