The suspected members worked as mules for fraudsters based in Eastern-Europe who stole around $70 million from companies and consumers in the US. The original goal was $220 million, but the criminals only managed to steal less than a third of that. They used the the malware's obtained usernames and passwords for bank account details.
The Operation Trident Breach investigation began in May 2009 when FBI agents noticed a string of suspicious bank transactions: automated clearing house batch payments were made to 46 separate bank accounts throughout the US. The large-scale organized cybercrime operation was active in several countries outside of the US, including the Netherlands, Ukraine, and the UK.