Gozi Malware Creators Charged in the US; the Russian Faces 95 years in Prison
The Russian cyber criminal behind the infamous Gozi malware, which affected more than a million computers worldwide and was designed to steal users' confidential banking credentials, affecting thousands of customers, was charged in New York along with two accomplices, according to files released by the U.S. Department of Justice.
Nikita Vladimirovich Kuzmin, the mastermind behind the coding and distribution of the Gozi malware, was charged along with Deniss Calovskis and Mihai Ionut Paunescu, all of whom are from Eastern Europe and were involved in this cyber crime. The charges against them include wire fraud, access device fraud, computer intrusion, and bank fraud, as per the U.S. Attorney’s Office for the Southern District of New York.
Kuzmin, who hails from Russia, is supposed to have created the program for Gozi sometime around 2005, when he conceived of an idea to create a virus that could steal banking credentials from victims and escape antivirus software. He enumerated the technical details for such a program and then hired a computer programmer to write the source code. After developing the virus, he started renting it for a weekly fee to other like-minded cyber criminals who wished to steal various types of data. The virus was delivered via various means, and stolen data would be stored on a server, access to which was granted depending on the time period for which payment was made. This distribution started in 2007 and was limited to Europe during that period, reaching the U.S. only in 2010.
The Gozi malware belongs to a family of software known as zombie software, which uses HTML injection to trick victims into revealing their account details, which criminals can access later on.
All three had defined roles, functioned in a systematic manner, and used codenames in this project of theirs. Calovskis, a Latvian who used the name “Miami”, was the HTML injection expert and the one who provided anti-security updates to the criminals, who could use these web injects to extract information from their victims, as the injects were able to alter the appearance of banking websites shown to customers.
Paunescu, who comes from Romania and went by the name “Virus”, was responsible for providing a bulletproof hosting service to their criminal clients, consisting of IP addresses and servers that were used to send the scam emails containing the Gozi malware and others such as the Zeus and SpyEye Trojans, and also for controlling botnets and carrying out denial-of-service attacks.
The FBI took up the case in May 2010, when people in the U.S. started getting affected, and intercepted various conversations and emails from Kuzmin, which finally led to his arrest in San Francisco in November 2010.
Kuzmin later pleaded guilty to the charges against him and helped investigators in their investigation into the case.
As of now, it has been confirmed that the Gozi malware has affected more than 40,000 computers in the U.S., including 160 computers of NASA.
Kuzmin might face a maximum penalty of 95 years in prison, Calovskis has been given 65 years, and Paunescu can face 60 years in prison, though how much they will be awarded will be revealed only when the courts sentence them.