US: 3 charged over 'Gozi' global computer virus (Update)

Jan 23, 2013 by Larry Neumeister

Three men from Russia, Romania and Latvia were in custody Wednesday in the U.S. on charges that they spread a computer virus to more than a million computers worldwide, including almost 200 of the U.S. space agency, siphoning off passwords and online banking information that allowed hackers to steal tens of millions of dollars.

Their arrests were announced as federal authorities unsealed court documents accusing the men of participating in a conspiracy that began in 2005. NASA computers were among those infected by what was called the Gozi virus.

The NASA breach occurred from Dec. 14, 2007, to Aug. 9, 2012, when about 190 agency computers were infected, according to court documents. Between May and August last year, they said, the infected computers sent data without the user's authorization, including the contents of Google chat messages.

The Gozi virus was designed in 2005 and distributed beginning in 2007, when it was secretly installed onto each victim's computer in a manner that left it virtually undetectable by antivirus software, the complaint said.

According to court papers, Romanian national Mihai Ionut Paunescu set up online infrastructure that allowed others to distribute the damaging programs, causing tens of millions of dollars in losses and affecting well over a million computers worldwide.

Paunescu was arrested in Romania. Deniss Calovskis was arrested in Latvia, where he is a citizen and resident, on charges including bank fraud conspiracy. Nikita Kuzmin, a Russian national, was arrested in New York on various charges, including bank fraud and bank fraud conspiracy.

It was not immediately clear who would represent the defendants in court.

A charging document against Kuzmin accused him of designing the Gozi virus as a way to steal the personal bank account information of individuals and businesses in a widespread way.

It said he hired a programmer to write it and began in 2006 to rent the virus to others for a weekly fee, advertising it on Internet forums devoted to cybercrime and other criminal activities. In 2009, according to the document, Kuzmin was approached by others who wanted to acquire the source code so they could attack computers and steal money from bank accounts in the United States and, in particular, European countries. The document said Kuzmin offered the code to other groups of people for $50,000 plus a guaranteed share of future profits.

According to court documents, Calovskis had training and expertise in computer programming when he was hired by a co-conspirator to upgrade the virus with new code that would deceive victims into divulging additional personal information, such as mother's maiden names. Federal authorities sought at least $50 million from Calovskis, an amount of money they said was obtained through the conspiracy.

Explore further: Twitter rules out Turkey office amid tax row

1 /5 (1 vote)
add to favorites email to friend print save as pdf

Related Stories

Authorities bust 3 in infection of 13M computers

Mar 02, 2010

(AP) -- Authorities have smashed one of the world's biggest networks of virus-infected computers. It was a data vacuum that stole credit cards and online banking credentials from as many as 12.7 million poisoned PCs.

Two Latvians indicted in US in 'scareware' scam

Jun 23, 2011

Two Latvians have been indicted and dozens of computers and servers seized in the United States and Europe in a crackdown on international cybercrime, the US Justice Department said Wednesday.

Recommended for you

Twitter rules out Turkey office amid tax row

5 hours ago

Social networking company Twitter on Wednesday rejected demands from the Turkish government to open an office there, following accusations of tax evasion and a two-week ban on the service.

How does false information spread online?

7 hours ago

Last summer the World Economic Forum (WEF) invited its 1,500 council members to identify top trends facing the world, including what should be done about them. The WEF consists of 80 councils covering a wide range of issues including social media. Members come ...

User comments : 0

More news stories

Quantenna promises 10-gigabit Wi-Fi by next year

(Phys.org) —Quantenna Communications has announced that it has plans for releasing a chipset that will be capable of delivering 10Gbps WiFi to/from routers, bridges and computers by sometime next year. ...

Floating nuclear plants could ride out tsunamis

When an earthquake and tsunami struck the Fukushima Daiichi nuclear plant complex in 2011, neither the quake nor the inundation caused the ensuing contamination. Rather, it was the aftereffects—specifically, ...

Unlocking secrets of new solar material

(Phys.org) —A new solar material that has the same crystal structure as a mineral first found in the Ural Mountains in 1839 is shooting up the efficiency charts faster than almost anything researchers have ...

Patent talk: Google sharpens contact lens vision

(Phys.org) —A report from Patent Bolt brings us one step closer to what Google may have in mind in developing smart contact lenses. According to the discussion Google is interested in the concept of contact ...

How kids' brain structures grow as memory develops

Our ability to store memories improves during childhood, associated with structural changes in the hippocampus and its connections with prefrontal and parietal cortices. New research from UC Davis is exploring ...

Gate for bacterial toxins found

Prof. Dr. Dr. Klaus Aktories and Dr. Panagiotis Papatheodorou from the Institute of Experimental and Clinical Pharmacology and Toxicology of the University of Freiburg have discovered the receptor responsible ...