Tuesday, May 3, 2016

Gozi Virus creator gets 37 months sentence time served



Image result for gozi virus
US Attorney discussing Gozi Virus

According to the feds..."Preet Bharara, the United States Attorney for the Southern District of New York, announced today that NIKITA KUZMIN, the creator of “Gozi” malware, was sentenced in Manhattan federal court to time served (37 months).  Gozi, which was used to steal money from bank accounts across the United States and Europe, infected over one million computers globally and caused tens of millions of dollars in losses.  KUZMIN pled guilty, pursuant to a cooperation agreement, to various computer intrusion and fraud charges in May 2011.  He was sentenced today by the Honorable Kimba M. Wood.
According to the charging and sentencing documents, and statements made in Manhattan federal court:
In approximately 2007, computer network security experts identified, for the first time, a form of malicious software, or malware, that was stealing victims’ personal bank account information on a widespread basis.  The malware, which the experts named “Gozi” (and which is sometimes called the “Gozi Virus”) infected the victim’s computer, among other ways, when the victim received and opened a .pdf document that was designed to appear innocuous and relevant to the victim.  Opening the .pdf caused Gozi to be downloaded onto the victim’s computer secretly, where it generally remained undetectable by anti-virus software.  Once downloaded, the malware collected bank account-related data from the victim’s computer, including the username and password, to access the victim’s bank account online.  The malware transmitted that data to the individuals who controlled the malware, which they used fraudulently to transfer money out of victims’ bank accounts.   The network security experts subsequently identified a server that contained certain data stolen by Gozi, including 10,000 account records belonging to over 5,200 personal computer users.  The records included login information for accounts at over 300 companies, including leading global banks and financial services firms.  
Coordinated efforts between U.S. and foreign law enforcement ultimately led to the identification of KUZMIN, a Russian national, as the individual who controlled the malware.  KUZMIN previously had significant computer science training, attending two major engineering universities in Russia and graduating with a computer science degree.
In addition to creating Gozi, KUZMIN developed an innovative means of distributing and profiting from it.  Unlike many cybercriminals at the time, who profited from malware solely by using it to steal money, KUZMIN rented out Gozi to other criminals, pioneering the model of cybercriminals as service providers for other criminals.  For a fee of $500 a week paid in WebMoney, a digital currency widely used by cybercriminals, KUZMIN rented the Gozi “executable,” the file that could be used to infect victims with Gozi malware, to other criminals.   KUZMIN designed Gozi to work with customized “web injects” created by other criminals that could be used to enable the malware to target information from specific banks; for example, criminals who sought to target customers of particular American banks could purchase web injects that caused the malware to search for and steal information associated with those banks.   Once KUZMIN’s customers succeeded in infecting victims’ computers with Gozi, the malware caused victims’ bank account information to be sent to a server that KUZMIN controlled where, as long as the criminals had paid their weekly rental fee, KUZMIN gave them access to it.  KUZMIN, who used the online identity “76,” advertised this cybercriminal business, which he called “76 Service,” on underground cybercriminal forums.  KUZMIN made at least a quarter of a million dollars renting and selling Gozi to other criminals.
In the course of the investigation, Gozi was found to have infected over one million computers across the United States, Germany, Great Britain, Poland, France, Finland, Italy, Turkey, and other countries.  U.S. victims include individuals, companies, and others, including the National Aeronautics and Space Administration (“NASA”).  Gozi caused at least tens of millions of dollars in losses to victims.
*              *             *
 In addition to the sentence, KUZMIN, 28, a citizen of Russia, was ordered to pay forfeiture and restitution in the amount of $6,934,979.
Does this make sense? Someone who has to pay back 6 million in restitution only does 37 months and it is time served since he did all of his time before he got sentenced? People who are fined less have to do more time. This is telling us that he cooperated and he took down bigger fish. The feds will never let anyone off the hook so easy without a payback. This is how they operate. If he would have gone to trial, he may never have seen the light of day.
To read more about federal prison, go here...http://www.amazon.com/gp/product/B011GTWLOG
   

No comments:

Post a Comment