'Gozi' Virus Used to Steal Millions of Dollars

Three Eastern European men now stand accused of operating a global scam designed to steal "tens of millions" of dollars from banks by means of a special virus known as "Gozi."

The same virus is also said to have compromised about 190 computers at NASA during a five year period, revealing confidential log-in information and instant messaging transcripts.

Gozi Virus Infects 1 Million PCs

The prosecutors in the case claim the Gozi virus infected more than a million computers worldwide, including large numbers in such countries as Finland, France, Germany, Italy, Poland, Turkey and the United Kingdom.

In addition, officials think about 40,000 machines were infected by the same virus in the US.

It appears the virus plan itself was remarkably simple. The Gozi virus was spread through an infected PDF file sent as an attachment to an innocent-seeming email. Once installed on a computer, the Gozi virus collected sensitive personal data, including online banking details.

Though prosecutors didn't detail exactly how the Gozi virus worked, observers think the infection included a 'keylogger' tool that copied and sent to hackers whatever information victims typed into their computers.

At first the scammers reportedly used the stolen data to try to access online bank accounts and siphon off money. Later, they modified the Gozi virus so people using infected machines would be tricked into visiting a bogus website resembling their own bank's online pages.

At the bogus site, victims would unwittingly answer security questions and provide more detailed log-in data, giving the scammers a better chance of accessing legitimate accounts and draining them of their victims' money.

Thankfully, authorities believe only a small percentage of the people whose computers were infected actually suffered financial losses. However, those whose bank accounts were invaded often lost thousands of dollars each.

Cybercriminals Charged by US Authorities

The three men now accused of the crimes include Russian Nikita Kuzmin, Latvian Deniss Calovskis, and Romanian Mihai Ionut Paunescu. Prosecutors believe Kuzmin masterminded the operation, Calovskis took care of the technical issues, and Paunescu arranged for other criminals to help spread the virus. (Source: justice.gov)

Kuzmin was arrested in the US in May 2011 and initially faced 95 years in prison. He pleaded guilty to charges against him and then worked with authorities to help them catch his partners, Calovskis and Paunescu.

Calovskis and Paunescu were both arrested in their respective homelands in late 2012. They are now awaiting extradition to the US for trial. (Source: latimes.com)