Three Hackers Charged With Computer Virus Attack On Bank Accounts
January 23, 2013

Three Hackers Charged With Computer Virus Attack On Bank Accounts

Michael Harper for — Your Universe Online

Today, US prosecutors have brought charges against 3 hackers for their involvement with a computer virus which has been used to infect computers and steal banking information from more than one million machines.

According to Bloomberg, prosecutors in the office of Attorney Preet Bharara in Manhattan brought charges against Mihai Ionut Paunescu, Deniss Calovskis and Nikita Kuzmin. These three men have been accused of creating and distributing the Gozi virus, which not only stole banking credentials, it also infected a machine at NASA and was used to steal login information from an eBay account.

According to recently unsealed documents, 25-year old Russian citizen Nikita Kuzmin is accused of designing the Gozi virus, as well as operating an online forum used by other cybercriminals to share the best practices for hacking.

Mr. Kuzmin is suspected of devising the technical specifications for Gozi, then hiring a programmer to write the malicious code for him. Mr. Kuzmin was also arrested in San Francisco when he visited in 2010 on charges of bank fraud.

The other two men were arrested overseas late last year. American authorities are now seeking to extradite these men in the case.

According to the Wall Street Journal, Deniss Calovskis is a Latvian citizen who used the pseudonym “Miami” while online. Mr. Calovskis was hired to write web-injection code for Gozi and other pieces of malware. This web-injection code was used to change the way banking Websites looked on an infected machine. Thinking the site was safe, users would then provide the hackers with even more personal information about themselves, such as their mother´s maiden name. This information was then used to take even more money from the victims. All told, the Gozi virus is said to be responsible for losses in the tens of millions of dollars.

The virus is also said to have infected more than one million computers across the world. Some 40,000 of these computers were located in the US, according to court documents. The virus was allegedly spread through infected email links; when a user clicked one of these links, the virus was downloaded. Gozi is also said to have been able to operate quietly without being detected by antivirus software.

The third suspect, Mihai Ionut Paunescu is a Romanian citizen who allegedly went by the name “Virus” while online. Mr. Paunescu operated a “bulletproof hosting” service in Romania, the US and elsewhere. This hosting service helped other cyber criminals avoid law-enforcement, allowing them to continue their crimes unmolested.

According to court documents, Mr. Paunescu helped distribute the Gozi virus and other pieces of malware in addition to helping other hackers carry out Distributed Denial of Service (DDoS) attacks. These attacks overload Websites, causing them to crash. Botnets are often used to carry out these DDoS attacks, and are often populated by computers infected with malware. Mr. Paunescu was responsible for the NASA and eBay attacks.