28 June 2017
visit http://events.sap.com/gb/fsi-forum-2017/en/home

Russian hacker pleads guilty over $500m Citadel malware

23 March 2017  |  7567 views  |  0 Computer virus

A Russian hacker accused of helping to develop and maintain the notorious Citadel malware toolkit, which was used to steal more than $500 million from bank accounts, faces up to 10 years in a US prison after pleading guilty to computer fraud.

Having been extradited from Norway in December, this week Mark Vartanyan (who went by the online handle 'Kolypto') pleaded guilty in an Atlanta court. He will be sentenced in June.

According to US authorities, the Citadel toolkit first began circulating for sale on Russian language forums in 2011. Crooks bought the malware and used it to exploit the computer networks of financial and government institutions, including in the US.

Over the years, Citadel infected approximately 11 million computers worldwide and is responsible for over $500 million in losses, says the Department of Justice.

For two years from 2012, while living in Ukraine and then Norway, Vartanyan engaged in the "development, improvement, maintenance and distribution" of Citadel. During these periods, he allegedly uploaded numerous electronic files that consisted of Citadel malware, components, updates and patches, as well as customer information.

Vartanyan is the second defendant charged in connection with an ongoing investigation of the Citadel malware. In 2015, Dimitry Belorossov was sentenced to four years, six months in prison following his guilty plea for conspiring to commit computer fraud for distributing and installing the malware onto victim computers.

Separately, a Lithuanian man has been arrested over a phishing scheme that saw him allegedly trick two multinational internet companies into wiring over $100 million to bank accounts he controlled.

Evaldas Rimasauskas is accused by US authorities of posing as an Asian-based computer hardware manufacturer to get a "multinational technology company and a multinational online social media company" to wire him the money.

He tricked the firms by registering and incorporating a company in Latvia that had the same name as the Asian firm - which both victims did business with. He then opened bank accounts linked to his firm and sent emails to the victims pretending to be from the Asian firm, asking for payments to the bank accounts he controlled.

The scam went on for at least two years before Rimasauskas was arrested last week in Lithuania. He has been charged by the US with one count of wire fraud and three counts of money laundering, each of which carries a maximum sentence of 20 years in prison, and one count of aggravated identity theft.

New research from security firm Proofpoint suggests that business email compromise attacks are on the rise, up 45% in the last three months of 2016, with manufacturing, retail and technology the sectors most targeted.

"Seventy-five percent of our customers were hit with at least one attempted BEC attack in the last three months of 2016 — and it only takes one to cause significant damage," says Ryan Kalember, SVP, cybersecurity strategy, Proofpoint.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Kaspersky records uptick in financial phishing and banking malware

Kaspersky records uptick in financial phishing and banking malware

24 February 2017  |  8389 views  |  0 comments | 6 tweets | 9 linkedin
Polish bank malware targets IP addresses in 31 countries - Symantec

Polish bank malware targets IP addresses in 31 countries - Symantec

13 February 2017  |  8284 views  |  0 comments | 14 tweets | 10 linkedin
Russia arrests malware gang suspects

Russia arrests malware gang suspects

10 February 2017  |  5936 views  |  0 comments | 6 tweets | 7 linkedin
Authorities swoop on $200m carding forum; Microsoft hits Citadel botnet

Authorities swoop on $200m carding forum; Microsoft hits Citadel botnet

06 June 2013  |  11029 views  |  0 comments | 1 tweets | 4 linkedin

Related blogs

Create a blog about this story (membership required)
visit vasco.com/news/PSD2-compliant-solutionsvisit www.response.ncr.comvisit www.www.fisglobal.com

Top topics

Most viewed Most shared
ECB preps eurozone-wide instant payments serviceECB preps eurozone-wide instant payments s...
9241 views comments | 19 tweets | 37 linkedin
ABN Amro tests wearable tech for contactless paymentsABN Amro tests wearable tech for contactle...
8806 views comments | 10 tweets | 6 linkedin
hands typing furiouslyThe EU and blockchain: taking the lead?
7593 views 0 | 8 tweets | 7 linkedin
Asia still top dog for payments innovation but Europe gaining groundAsia still top dog for payments innovation...
7531 views comments | 10 tweets | 9 linkedin
Mastercard eyes opportunities to profit from sharing economyMastercard eyes opportunities to profit fr...
7109 views comments | 6 tweets | 6 linkedin

Featured job

Six Figure Base + Commission + Stock Options
London

Find your next job