Three Men Charged with Developing, Distributing Gozi Malware


Preet Bharara, the U.S. Attorney of the Southern District of New York, today announced indictments against three men -- Nikita Kuzmin, Deniss Calovskis and Mihai Ionut Paunsecu -- who Bharara says "played critical roles in creating and distributing the Gozi Virus, one of the most financially destructive computer viruses in history."

"Federal law enforcement officers arrested Mr. Kuzmin as he visited California in 2010 and persuaded him to cooperate," writes The New York Times' Somini Sengupta. "He helped prosecutors nab the other two men, who were arrested in late 2012 in their home countries and are awaiting extradition."

"The trio is alleged to have conspired to steal at least $50 million from online bank accounts of people whose computers were hit with the Gozi virus," writes Computerworld's Jaikumar Vijayan. "The indictments alleged that the three individuals, described as software experts, used Gozi to infect at least 100,000 computers around the world, including 25,000 in the United States."

"Kuzmin is alleged to be the author of Gozi and it was he who provided access to his co-conspirators to the malware," writes Threatpost's Michael Mimoso. "Chat files obtained in search warrants in 2009, 2010 and 2011 show conversations between Kuzmin and numerous customers looking for malware for particular operating systems and configurations, bank account information and exploits for computers in numerous countries, primarily in Europe."

"Kuzmin rented the virus to criminals through what he called '76 Service' from 2006 to 2008, the U.S. said," write BusinessWeek's Bob Van Voris and Patricia Hurtado. "He then sold the source code to co-conspirators in 2009 and 2010, for at least $50,000 a sale, plus a share of the buyers’ illegal profits, prosecutors said."

"First discovered in early 2007, the Gozi Trojan is a stealthy, cybertheft tool that typically evades anti-virus detection for weeks -- sometimes months -- at a time," writes Krebs on Security's Brian Krebs. "Cyber forensics experts say Gozi has remained a potent threat, mainly because its author has been very selective in choosing new customers and fastidious in creating custom, undetectable versions of the malware."

"Kuzmin faces a maximum penalty of 95 years in prison; Calovskis faces 67 years, while Paunescu faces 60 years," writes Wired's Kim Zetter.