01 October 2016
Visit www.dh.com

US charges three over Gozi bank malware

24 January 2013  |  4938 views  |  0 Computer virus

US authorities have charged three men with creating and distributing the Gozi computer virus, which infected more than a million computers around the world, accessing banking details and stealing millions of dollars.

As indictments against the three were unsealed yesterday, US Attorney Preet Bharara revealed that Nikita Kuzmin, the man who conceived the virus, was arrested in the US in November 2010 and has pleaded guilty to various charges.

Latvian Deniss Calovskis and Romanian Mihai Ionut Paunescu were apprehended later in their home countries and are awaiting extradition to the US.

Prosecutors say the Gozi malware has infected over a million computers, among them at least 40,000 in the US - including some belonging to Nasa - causing tens of millions of dollars in losses.

The virus was distributed in various ways, including through PDFs, before collecting bank account usernames and passwords. The information was sent back to computer servers controlled by the crooks and used to transfer funds out of the accounts.

Kuzmin came up with Gozi in 2005 and began advertising it on underground forums, giving fellow criminals access to the virus for a weekly fee, enabling them to configure it to steal data of their choosing. From 2009 he changed tack and began selling Gozi outright.

Authorities allege that Kuzmin brought in Calovskis to tweak the virus, getting the Latvian to develop 'web injects' which altered how the pages of banks appeared on infected computers, tricking victims into divulging additional personal information.

Meanwhile, the third man, Paunescu - who goes by the name 'virus' - is accused of operating a bulletproof hosting service, providing servers and IP addresses for distributing Gozi as well as other malware and for initiating DDoS attacks.

Says Bharara: "In an information-age update on Willie Sutton, these men allegedly ran a modern-day bank robbery ring, and like Sutton, they targeted banks because that's where the money still is. But as we have seen with increasing frequency, cyber criminals' bank heists require neither a mask nor a gun, just a clever program and an Internet connection."

Kuzmin faces up to 95 years in prison, Calovskis 67 years, and Paunescu 60 years.
KeywordsLEGAL

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Chinese crooks pre-install malware on PCs

Chinese crooks pre-install malware on PCs

14 September 2012  |  5673 views  |  0 comments
Crooks jailed over online banking theft

Crooks jailed over online banking theft

03 July 2012  |  5401 views  |  0 comments
Russian security services bust notorious malware ring

Russian security services bust notorious malware ring

21 March 2012  |  6099 views  |  0 comments
Ukrainian authorities bust $70 million malware ring

Ukrainian authorities bust $70 million malware ring

28 June 2011  |  5784 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
Visit i2cinc.comVisit www.dh.com

Top topics

Most viewed Most shared
Ripple rudely gatecrashes Sibos partyRipple rudely gatecrashes Sibos party
11361 views comments | 35 tweets | 33 linkedin
BNP Paribas is working with clients on blockchain deploymentBNP Paribas is working with clients on blo...
8550 views comments | 15 tweets | 31 linkedin
Banks ready for real-world blockchainBanks ready for real-world blockchain
7275 views comments | 22 tweets | 30 linkedin
PayPal and Lenovo team on biometric authentication for laptopsPayPal and Lenovo team on biometric authen...
6852 views comments | 13 tweets | 16 linkedin
hands typing furiouslyCan Blockchain Prevent Money Laundering?
6588 views 0 | 24 tweets | 9 linkedin

Featured job

Find your next job