Gozi Virus Arrest Made in Colombia

A Romanian, accused of helping to distribute a computer virus that infected over a million machines, has been arrested in Colombia. 

Suspected cyber-criminal Mihai Ionut Paunescu is wanted in the United States for allegedly playing a role in the dissemination of the Gozi virus. The virus, which ravaged computers in at least eight different countries between 2007 and 2012, was used to steal money from victims' bank accounts. 

Prosecutors in New York claim that Paunescu was a member of a cyber-criminal organization that created and spread the virus along with other types of malware. 

The gang's long list of victims includes individuals and corporations based in Finland, Germany, the United Kingdom and the United States. Among the computers hit with Gozi virus was one belonging to America's National Aeronautics and Space Administration (NASA).

Gozi was hidden inside PDF documents. After infecting a computer, the virus worked to steal login credentials for bank accounts. 

According to an indictment filed in the Southern District Court of New York, the virus enabled the cyber-criminal gang to steal "tens of millions of dollars."

The gang also ran Gozi as a "virus for hire," charging other criminals $500 a week to use it. 

Paunescu, also known as "Virus," is accused of fashioning the bulletproof hosting systems that helped the virus files to avoid detection as they spread. 

Colombia’s Attorney General’s office said Paunescu was detained at the international airport in Bogota by the DIJIN investigative unit of the National Police. He was wearing a red T-shirt and sporting a thick beard at the time of his detention.

Paunescu was previously arrested in Romania in 2012 but managed to avoid extradition to the United States. 

In 2016, Russian-born Nikita Kuzmin was sent to prison for 37 months and ordered to pay nearly $7m in forfeiture and restitution after he pleaded guilty to creating the Gozi malware. 

Latvian Deniss Calovskis, who played a part in writing the code for customized web injects bought by Kuzmin's clients so that they could target specific banks, was sentenced to 21 months in prison in January of 2016. 

What’s Hot on Infosecurity Magazine?