View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
May 3, 2016updated 05 Sep 2016 11:50am

US court slaps $7m fine on Gozi malware creator

News: The virus Gozi appeared in 2007 and helped in siphoning millions of dollars.

By CBR Staff Writer

US courts have ordered the creator of Gozi, a malware that can steal bank account details to pay $6.9m to cover the losses.

The Russian man Nikita Kuzmin has already been serving sentence in a US jail since 2011. He was one of the three creators of Gozi virus, which uses .PDF files to infiltrate into a computer and steals financial details from computers.

Kuzmin, with the help of this virus was able to infect an estimated one million computers worldwide, siphon from several thousands of bank accounts and stole millions of dollars in the process.

Victims mostly belonged to the US and European countries including Germany, UK, Poland, France, Finland, Italy and Turkey.

Kuzmin also rented out this virus to other hackers for $500 a week and earned about $250,000 from this process alone.

The virus was identified in 2007 and a server containing the details of about 10,000 bank accounts with credentials of over 5,200 personal computer users was discovered.

The records also included information from 300 companies, including leading global banks and financial services firms.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

According to the US Department of Justice, Kuzmin used an online identity "76," advertised his cybercriminal business in the name of "76 Service," on underground cybercriminal forums. Kuzmin was ultimately arrested in 2010, when he had travelled to US to attend a conference. He was tried and found guilty and was sent to prison in May of 2011.

Voice of America reported about the prosecutors saying Kuzmin "committed this crime purely out of greed".

US Attorney Preet Bharara said in a letter to the court: "In renting the malware to others, Kuzmin made it widely accessible to criminals, in other words, to criminals who do not or need not have sophisticated computer science skills like Kuzmin and his Gozi co-creators.

"From this perspective, Kuzmin’s crime is particularly significant."

Kuzmin has now been released for the time served, because of cooperation agreement and for helping investigators in providing ‘substantial assistance’ for arresting Dennis Calovskis and Mihai Ionut Paunescu for their roles in Gozi virus development.

Dennis Calovskis, a Latvian national was arrested in 2012 for coding ‘web injects’ that enabled Gozi virus to target information from particular banks was found guilty and sentenced to 21 months prison term in January, 2016.

Mihai Ionut Paunescu, a Romanian has also been arrested and is awaiting extradition to US.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.