Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Three charged with distributing Gozi virus

The defendants face a variety of charges in a U.S. court

Three people allegedly involved for years in cybercriminal activities in Eastern Europe have been charged in a U.S. court for creating and distributing the Gozi virus that infected more than 1 million computers and allowed cybercriminals to steal millions of dollars over a five-year period.

The three defendants, Nikita Kuzmin of Russia, Mihai Ionut Paunescu of Romania, and Deniss Calovskis of Latvia, face a variety of charges in U.S. District Court for the Southern District of New York, the U.S. Department of Justice announced Wednesday. Gozi targeted online banking credentials and other online accounts and infected 40,000 computers in the U.S., including 160 at NASA, the U.S. space agency.

Kuzmin, the alleged chief architect and promoter of Gozi, faces charges of bank fraud and conspiracy, access device fraud and conspiracy, and computer intrusion, among other charges. Kuzmin allegedly began working on Gozi in 2005, and computer security experts discovered the threat in 2007, according to court documents.

Paunescu, who allegedly provided secure hosting to the creators of Gozi, the Zeus Trojan and the SpyEye Trojan, faces charges of conspiracy to commit computer intrusion, conspiracy to commit bank fraud and conspiracy to commit wire fraud.

Calovskis, who allegedly developed Web injects code for both Gozi and Zeus, faces charges of bank fraud conspiracy, access device fraud conspiracy and conspiracy to commit computer intrusion, among other charges.

Early in the development of the virus, Kuzmin hired a computer programmer to help him develop Gozi, which stole personal bank and other information from computers while remaining virtually undetectable, according to court documents. In 2006, Kuzmin allegedly began offering the virus to others for a weekly fee, his indictment said.

The stolen data was sent back to a server controlled by Kuzmin, the DOJ alleged. In 2009, a group of cybercriminals asked Kuzmin to sell them the source code of Gozi so they could attack U.S. computers, the DOJ said. Kuzmin sold the source code to several co-conspirators through mid-2010, according to court documents.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Recommended

  1. Australian government releases big data issues paper

  2. The good oil

  3. From CMO to CEO: Anametrix’s Pelin Thorogood

    CMO

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Department of Justice, DOJ, IDG, NASA
Comments are now closed.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: U.S. Department of Justice, Nikita Kuzmin, Mihai Ionut Paunescu, security, Deniss Calovskis, legal, Exploits / vulnerabilities, malware, cybercrime, U.S. District Court for the Southern District of New York
Latest Blog Posts
Whitepapers
  • Pathways Advanced ICT Leadership Development Program Course Outline and Big 6 2013
    Developed by the CIO executive Council in conjunction with Rob Livingstone Advisory, Pathways Advanced is a 12-month CIO delivered, small group, mentor based professional leadership development program. Pathways Advanced brings together best practice, thought leadership and business insights for today’s most promising ICT professionals
    Learn more »
  • Endpoint Security and Virtualisation
    Besides form factor, virtual systems are not really that different than physical systems. They both use the same operating systems and applications. They both present users with computing resources such as RAM and hard drives. Consequently, the ability to exploit vulnerabilities in a physical environment will present a significant threat to virtualised environments as well. This paper examines the different endpoint security methods for virtualised environments and presents how Endpoint Protection security provides optimal performance, protection and manageability.
    Learn more »
  • New Demands for Real-time Threat Management
    Many organisations are evaluating a new security model based upon IT risk management best practices. This is a good idea, but not enough for today’s dynamic and malevolent threat landscape. To keep up with IT changes and external threats, large organisations need to embrace two new security practices: real-time risk management for day-to-day security adjustments and real-time threat management to detect and remediate sophisticated, stealthy, and damaging security breaches (i.e., advanced persistent threats, or APTs). Learn more.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments