U.S. Charges Three Hackers Over 'Gozi' Cybervirus That Attacked NASA, Banks

24 January 2013, 11:33 am EST | By Alexandra Burlacu (a.burlacu@mobilenapps.com), Mobile & Apps

The U.S. has charged three Eastern European men with running an international cyber-theft ring that hacked into 1 million computers, including NASA systems.

The trio of young men reportedly used malware dubbed the "Gozi Virus" to break into computers across Europe and America, causing "millions in losses by, among other things, stealing online banking credentials," per the federal prosecutor's office.

Russian national Nikita Kuzmin, aged 25, was allegedly the designer and "chief architect" of the "Gozi Virus." Authorities detained Kuzmin on U.S. soil back in 2010, and the cybercriminal pleaded guilty the following year, agreeing to cooperate with investigators.

Kuzmin created the virus with the main purpose of stealing personal bank account information, including customers' usernames and passwords. The virus dates back to 2005, but security researchers only identified it in 2007, when they discovered the malware was siphoning funds out of bank accounts.

The "Gozi Virus" has infected more than 1 million computers worldwide, including more than 160 machines belonging to NASA, said the U.S. Federal Bureau of Investigation (FBI). The losses to individuals, businesses, and government entities amount to tens of millions of dollars, according to the Bureau's estimates.

Back in November, authorities also arrested 27-year-old Deniss Calovskis in his native Latvia and charged him with writing some of the code in the malware. Calovskis' contribution to the Gozi Virus included slipping additional code into users' browsers when they accessed their online banking services. The extra code tricked users into submitting specific personal information that would be needed to manage their account. Such information included their social security number, their mother's maiden name, their driver's license information, as well as their PIN.

The third offender, 28-year-old Romanian citizen Mihai Ionut Paunescu, was arrested in his home country in December and charged with running a so-called "bulletproof hosting" service. That service allegedly enabled the distribution of the Gozi virus and other malware. Paunescu's service has nothing to do with the legitimate Australian Web host that bears the same name.

"This long-term investigation uncovered an alleged international cybercrime ring whose far-reaching schemes infected at least 1 million computers worldwide and 40,000 in the US, and resulted in the theft or loss of tens of millions of dollars," said FBI assistant director-in-charge George Venizelos.

The investigation took two and a half years, during which the FBI worked with Britain, Finland, Germany, the Netherlands, Latvia, Moldova, Romania, and Switzerland. Authorities seized 51 servers in Romania alone, and 250 terabytes of information.

Calovskis was arrested in Latvia, Kuzmin was in U.S. custody, while Paunescu was in Romanian custody. The cases are U.S. v. Kuzmin, 11-cr-387; U.S. v. Calovskis, 12-cr-487; and U.S. v. Paunescu, 13-cr-41, U.S. District Court, Southern District of New York (Manhattan).

© 2018 Mobile & Apps. All rights reserved. Do not reproduce without permission.