In association with heise online

25 January 2013, 10:11

Gozi trojan: Charges brought against three Europeans in the US

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Trojan icon Authorities in the US have brought charges against three suspects thought to be responsible for one of the most financially harmful trojans in history. Their Gozi trojan is believed to have infected more than a million computers worldwide, causing financial losses of several tens of millions of US dollars. Charges have now been brought against a Russian national who is accused of having created the trojan, a Latvian national who is thought to have made it more dangerous, and a Romanian national who is believed to have provided a secure deployment channel.

The Gozi trojan surfaced in 2007 and harvested online banking information for its creators on a large scale. The trojan not only affected hundreds of thousands of private computers, it also compromised systems at organisations such as NASA, as well as businesses and government authorities, said the US Department of Justice. The criminals behind the attacks used the harvested information to gain unauthorised access to victims' bank accounts and transfer money from there to their own accounts.

The US Department of Justice provided a detailed description of how the malware is thought to have been developed and deployed. Apparently, the main suspect, a 25-year-old Russian national who was arrested in 2010 and who has already pleaded guilty, issued something like an invitation to tender for the development of the trojan. The programming work was done by a hired developer. The main perpetrator is then thought to have made the trojan available to hire for a weekly fee. Customers themselves were in control of which targets were attacked, and the stolen data was stored for them. From 2009, the trojan was also sold directly, the Department of Justice said.

Those responsible for the malware are also thought to have made regular payments to programmers for the ongoing development of the trojan. According to the US authority, a 27-year-old hacker who was arrested in his home country of Latvia in November 2012 was especially effective in this field. His modifications are thought to have made it possible to harvest even more sensitive data from victims' computers. A 28-year-old Romanian national who was arrested in his home country in December 2012 has been accused of making servers available to those responsible for the trojan. His "bulletproof hosting" service was apparently used to distribute the Gozi trojan, as well as the Zeus and SpyEye malware.

Preet Bharar, United States Attorney for the Southern District of New York, said: "this case should serve as a wake-up call to banks and consumers alike, because cybercrime remains one of the greatest threats we face, and it is not going away any time soon." Should the defendants be found guilty, the Department of Justice said that they face a maximum prison sentence of 60 to 95 years.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit