US courts have ordered the creator of Gozi, a malware that can steal bank account details to pay $6.9m to cover the losses.
The Russian man Nikita Kuzmin has already been serving sentence in a US jail since 2011. He was one of the three creators of Gozi virus, which uses .PDF files to infiltrate into a computer and steals financial details from computers.
Kuzmin, with the help of this virus was able to infect an estimated one million computers worldwide, siphon from several thousands of bank accounts and stole millions of dollars in the process.
Victims mostly belonged to the US and European countries including Germany, UK, Poland, France, Finland, Italy and Turkey.
Kuzmin also rented out this virus to other hackers for $500 a week and earned about $250,000 from this process alone.
The virus was identified in 2007 and a server containing the details of about 10,000 bank accounts with credentials of over 5,200 personal computer users was discovered.
The records also included information from 300 companies, including leading global banks and financial services firms.
According to the US Department of Justice, Kuzmin used an online identity "76," advertised his cybercriminal business in the name of "76 Service," on underground cybercriminal forums. Kuzmin was ultimately arrested in 2010, when he had travelled to US to attend a conference. He was tried and found guilty and was sent to prison in May of 2011.
Voice of America reported about the prosecutors saying Kuzmin "committed this crime purely out of greed".
US Attorney Preet Bharara said in a letter to the court: "In renting the malware to others, Kuzmin made it widely accessible to criminals, in other words, to criminals who do not or need not have sophisticated computer science skills like Kuzmin and his Gozi co-creators.
"From this perspective, Kuzmin’s crime is particularly significant."
Kuzmin has now been released for the time served, because of cooperation agreement and for helping investigators in providing ‘substantial assistance’ for arresting Dennis Calovskis and Mihai Ionut Paunescu for their roles in Gozi virus development.
Dennis Calovskis, a Latvian national was arrested in 2012 for coding ‘web injects’ that enabled Gozi virus to target information from particular banks was found guilty and sentenced to 21 months prison term in January, 2016.
Mihai Ionut Paunescu, a Romanian has also been arrested and is awaiting extradition to US.