US charges three over Gozi bank malware
24 January 2013 | 5158 views | 0
US authorities have charged three men with creating and distributing the Gozi computer virus, which infected more than a million computers around the world, accessing banking details and stealing millions of dollars.
As indictments against the three were unsealed yesterday, US Attorney Preet Bharara revealed that Nikita Kuzmin, the man who conceived the virus, was arrested in the US in November 2010 and has pleaded guilty to various charges.
Latvian Deniss Calovskis and Romanian Mihai Ionut Paunescu were apprehended later in their home countries and are awaiting extradition to the US.
Prosecutors say the Gozi malware has infected over a million computers, among them at least 40,000 in the US - including some belonging to Nasa - causing tens of millions of dollars in losses.
The virus was distributed in various ways, including through PDFs, before collecting bank account usernames and passwords. The information was sent back to computer servers controlled by the crooks and used to transfer funds out of the accounts.
Kuzmin came up with Gozi in 2005 and began advertising it on underground forums, giving fellow criminals access to the virus for a weekly fee, enabling them to configure it to steal data of their choosing. From 2009 he changed tack and began selling Gozi outright.
Authorities allege that Kuzmin brought in Calovskis to tweak the virus, getting the Latvian to develop 'web injects' which altered how the pages of banks appeared on infected computers, tricking victims into divulging additional personal information.
Meanwhile, the third man, Paunescu - who goes by the name 'virus' - is accused of operating a bulletproof hosting service, providing servers and IP addresses for distributing Gozi as well as other malware and for initiating DDoS attacks.
Says Bharara: "In an information-age update on Willie Sutton, these men allegedly ran a modern-day bank robbery ring, and like Sutton, they targeted banks because that's where the money still is. But as we have seen with increasing frequency, cyber criminals' bank heists require neither a mask nor a gun, just a clever program and an Internet connection."
Kuzmin faces up to 95 years in prison, Calovskis 67 years, and Paunescu 60 years.