All the latest UK technology news, reviews and analysis

Gozi banking malware trio up in court

24 Jan 2013
malware virus security

The creator and distributor of the infamous Gozi banking malware has been charged by a New York court, along with two suspected accomplices.

The US Attorney's office for the Southern District of New York released a document on Wednesday confirming 25-year-old Nikita Vladimirovich Kuzmin, 27-year-old Deniss Calovskis and 28-year-old Mihai Ionut Paunescu have been charged for a variety of offences relating to the banking malware.

The list of charges includes bank and wire fraud, access device fraud and computer intrusion.

Russian national Kuzmin has spent the last two years cooperating with the authorities having plead guilty to the charges shortly after his arrest in November 2010.

Latvian national, Calovskis was arrested in Latvia a year later in November 2011. Romanian Paunescu was arrested in his native country a month later.

The Gozi malware is infamous within the banking and security sector. Current estimations indicate the malware has cost industry tens of millions of dollars, having infected at least 40,000 computers in the US, over 160 of which are thought to have belonged to space agency Nasa.

The malware was particularly dangerous due to its ability to avoid virus scanners and its commercial availability.

The service was available via the 76 Service cyber black market from 2007 in exchange for a weekly fee. The service allowed cyber criminals to use and customise the Gozi malware to meet their needs.

Kuzmin stands accused of masterminding the operation, with the court documents alleging he began creating recruiting a team to create the malware at an undisclosed point in 2005.

Calovskis stands accused of helping to tweak Gozi's code, providing web injections to help customers customise the malware.

Paunescu is believed to have operated a hosting service that provided criminal customers with servers and IP addresses to send out phishing emails spreading the Gozi virus.

He is also believed to have provided similar services to help distribute the Zeus and SpyEye banking Trojans.

If found guilty, Kuzmin faces a maximum penalty of 95 years in prison for his involvement, while Calovskis faces 67 years and Paunescu 60 years.

The case follows an influx of new attacks targeting financial institutions. Most recently at the end of 2012 a new version of the notorious Citadel banking Trojan was uncovered targeting the financial industry.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

Tech gifts for Christmas 2014

Is a new tablet on your wish list this festive season, or have they become yesterday’s fad?

Popular Threads

Powered by Disqus
iPhone 6 is available in silver gold and space grey

iPhone 6 video review

The best iOS handset to date

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Oracle E-Business Suite (EBS) R12 Project Manager

A large Professional Services company are looking for...

IT Asset Specialist

Mobilisation specialists required….. Nationwide...

C# / ASP.NET Developers / Senior Developers

Job Description We're looking for other people like...

Graduate/ Junior Developer

About the company: Firmstep is a leader in helping...
To send to more than one email address, simply separate each address with a comma.