13 Jun 2013

3 Charged In Gozi Virus

Three people who are said to have been involved in cybercrime for years in Eastern Europe, have been charged for the distribution of Gozi virus by the U.S. court. The Gozi virus is reported to have affected over a million computers and thus allowed cybercriminals, over a period of 5 years, to steal several millions of dollars.

Who are charged?

The three people who have been charged are Russia’s Nikita Kuzmin, Romania’s Mihai Ionut Paunescu and Latvia’s Deniss Calovskis. All three of them face various charges in the U.S. District Court for Southern District of New York. This information was announced by U.S. Department of Justice on January 23, 2013.

What Did Gozi Do?

In U.S., the Gozi virus infected 40,000 computers that included 160 computers in NASA. The virus stole online accounts information and banking credentials and sent the data back to the server that was controlled by Kuzmin, the creator of the virus.

The Roles and the Charges

Name: Nikita Kuzmin

Role: Promoter and Chief Architect of Gozi virus.

Charged with: Computer intrusion, conspiracy and access device fraud, conspiracy and bank fraud.

Name: Mihai Ionut Paunescu

Role: Secure hosting provider for Gozi, SpyEye Trojan and Zeus Trojan creators.

Charged with: Wire fraud conspiracy, bank fraud conspiracy, committing computer intrusion.

Name: Deniss Calovskis

Role: Web inject codes development for Zeus and Gozi.

Charged with: Computer intrusion conspiracy, access device fraud conspiracy and bank fraud conspiracy.

Gozi Virus Development

Kuzmin started developing the Gozi virus in 2005 and its threats were identified by security experts in 2007. Kuzmin also hired another computer programmer to aid him in the development process. The Gozi virus remained virtually undetectable and allowed Kuzmin to steal personal banking information and other crucial information. In 2006, the virus was offered to others by Kuzmin against a weekly fee, which was considered to be his indictment fee. In 2009 a cybercriminal group requested Kuzmin to sell the source code for the virus so that they could use the Gozi for attacking the U.S. computers. Since mid-2010, Kuzmin started selling the Gozi virus source code to co-conspirators.

]]>

One Comment

Comments are closed.