[BreachExchange] Colombia catches hacker wanted in the U.S. for ‘Gozi’ virus
Sophia Kingsbury
sophia.kingsbury at riskbasedsecurity.com
Wed Jun 30 11:04:17 EDT 2021
https://apnews.com/article/caribbean-europe-colombia-technology-cd1c18d7de7e86e9e1088e1881f15a35
Colombian officials say they have arrested a Romanian hacker who is wanted
in the U.S. for distributing a virus that infected more than a million
computers from 2007 to 2012.
Mihai Ionut Paunescu faces computer intrusion and banking fraud charges in
New York, where prosecutors say he was part of a ring of criminals that
developed and spread the “Gozi” virus and other forms of malware that were
used to steal money from bank accounts.
Prosecutors say that Gozi infected computers in at least eight countries,
including the United States, Germany, Finland and the United Kingdom.
Victims included individuals, corporations and also computers belonging to
NASA.
The virus traveled within PDF documents and once it entered a computer it
was able to steal bank account passwords, enabling cyber criminals to take
“tens of millions of dollars” from victims according to an indictment filed
in the Southern District Court of New York.
Prosecutors say Paunescu designed hosting systems that helped cyber
criminals to share the virus files without being detected. The virus was
rented out to criminal operators for a fee of $500 a week.
In 2016, the virus’ creator, Nikita Kuzmin, was sentenced to 37 months in
prison and fined $7 million following a plea bargain. A Latvian programmer
who helped design the virus also received a 21-month prison sentence after
being extradited to the U.S.
Paunescu had been arrested in Romania in 2012, but was able to avoid
extradition. Colombia’s Attorney General’s office said he was detained at
Bogota’s international airport, sporting a thick beard and wearing a red
t-shirt.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210630/aa72a1a8/attachment.html>
More information about the BreachExchange
mailing list