22 January 2018
visit http://response.ncr.com

Russian hacker pleads guilty over $500m Citadel malware

23 March 2017  |  8151 views  |  0 Computer virus

A Russian hacker accused of helping to develop and maintain the notorious Citadel malware toolkit, which was used to steal more than $500 million from bank accounts, faces up to 10 years in a US prison after pleading guilty to computer fraud.

Having been extradited from Norway in December, this week Mark Vartanyan (who went by the online handle 'Kolypto') pleaded guilty in an Atlanta court. He will be sentenced in June.

According to US authorities, the Citadel toolkit first began circulating for sale on Russian language forums in 2011. Crooks bought the malware and used it to exploit the computer networks of financial and government institutions, including in the US.

Over the years, Citadel infected approximately 11 million computers worldwide and is responsible for over $500 million in losses, says the Department of Justice.

For two years from 2012, while living in Ukraine and then Norway, Vartanyan engaged in the "development, improvement, maintenance and distribution" of Citadel. During these periods, he allegedly uploaded numerous electronic files that consisted of Citadel malware, components, updates and patches, as well as customer information.

Vartanyan is the second defendant charged in connection with an ongoing investigation of the Citadel malware. In 2015, Dimitry Belorossov was sentenced to four years, six months in prison following his guilty plea for conspiring to commit computer fraud for distributing and installing the malware onto victim computers.

Separately, a Lithuanian man has been arrested over a phishing scheme that saw him allegedly trick two multinational internet companies into wiring over $100 million to bank accounts he controlled.

Evaldas Rimasauskas is accused by US authorities of posing as an Asian-based computer hardware manufacturer to get a "multinational technology company and a multinational online social media company" to wire him the money.

He tricked the firms by registering and incorporating a company in Latvia that had the same name as the Asian firm - which both victims did business with. He then opened bank accounts linked to his firm and sent emails to the victims pretending to be from the Asian firm, asking for payments to the bank accounts he controlled.

The scam went on for at least two years before Rimasauskas was arrested last week in Lithuania. He has been charged by the US with one count of wire fraud and three counts of money laundering, each of which carries a maximum sentence of 20 years in prison, and one count of aggravated identity theft.

New research from security firm Proofpoint suggests that business email compromise attacks are on the rise, up 45% in the last three months of 2016, with manufacturing, retail and technology the sectors most targeted.

"Seventy-five percent of our customers were hit with at least one attempted BEC attack in the last three months of 2016 — and it only takes one to cause significant damage," says Ryan Kalember, SVP, cybersecurity strategy, Proofpoint.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Kaspersky records uptick in financial phishing and banking malware

Kaspersky records uptick in financial phishing and banking malware

24 February 2017  |  9231 views  |  0 comments | 6 tweets | 9 linkedin
Polish bank malware targets IP addresses in 31 countries - Symantec

Polish bank malware targets IP addresses in 31 countries - Symantec

13 February 2017  |  9138 views  |  0 comments | 14 tweets | 10 linkedin
Russia arrests malware gang suspects

Russia arrests malware gang suspects

10 February 2017  |  6362 views  |  0 comments | 6 tweets | 7 linkedin
Authorities swoop on $200m carding forum; Microsoft hits Citadel botnet

Authorities swoop on $200m carding forum; Microsoft hits Citadel botnet

06 June 2013  |  11311 views  |  0 comments | 1 tweets | 4 linkedin

Related blogs

Create a blog about this story (membership required)
visit www.ebaday.comvisit www.niceactimize.comvisit www.thomsonreuters.info

Top topics

Most viewed Most shared
Standard Chartered establishes fintech innovation and investment unitStandard Chartered establishes fintech inn...
8782 views comments | 14 tweets | 14 linkedin
BofA leads on blockchain patentsBofA leads on blockchain patents
8778 views comments | 12 tweets | 12 linkedin
Banks shift priorities toward growth, digitisation and innovation - surveyBanks shift priorities toward growth, digi...
8665 views comments | 37 tweets | 44 linkedin
Sbanken opens developer portal and invites customers to build their own digital bankSbanken opens developer portal and invites...
7746 views comments | 16 tweets | 11 linkedin

Featured job

Germany, Austria or Switzerland

Find your next job