Authorities today announced charges against three men they say were involved with creating and distributing a banking virus known as Gozi that infected more than a million computers worldwide, stole bank account numbers and passwords, and caused tens of millions of dollars in losses over the better part of a decade.
The malicious code, described as “one of the most financially destructive computer viruses in history,” was first discovered by American cyber security experts in 2007, but New York prosecutors said today the criminal operation continued until March 2012.
According to a federal indictment, the code was “stealing personal bank account information (such as account numbers, usernames, and passwords) from computers across Europe on a vast scale, while remaining virtually undetectable in the computers it infected.”
Gozi spread to the U.S. no later than 2010 and eventually infected 160 computers belonging to NASA, court documents said.
The scheme “caused tens of millions of dollars in losses and affected well over one million computers in countries around the world,” said FBI Special Agent Kathryn Scott.
When the virus was discovered in 2007 by cyber security expert Don Jackson, he reported that he went undercover in Russian chat rooms to try and obtain a trial version of the virus. He got several offers for a few thousand dollars each, but cut off communication before any transaction was made.
Defendant Nikita Kuzmin, a Russian national who prosecutors say was there at the beginning and was the one who “began to design” the virus in 2005, pleaded guilty to various fraud charges in May 2011. His alleged co-conspirators Deniss Calovkis, a Latvian also known as “Miami,” and Mihai Paunescu, a Romanian also known as “Virus,” were arrested in their home countries last year and the U.S. is currently seeking extradition.
“This long-term investigation uncovered an international cyber crime ring whose far-reaching schemes infected at least one million computers worldwide and 40,000 in the U.S., and resulted in the theft or loss of tens of millions of dollars,” said FBI Assistant Director in Charge of New York offices George Venizelos. “Banking Trojans are to cyber criminals what safe-cracking or acetylene torches are to traditional bank burglars — but far more effective and less detectable. The investigation put an end to the Gozi virus.”