Wednesday, September 28, 2022

Romanian hacker faces lawsuit in US over rental virus service

Cybercrime may be a global industry, but that doesn’t mean criminals are immune from cross-border prosecution.

The Department of Justice (DOJ) announced today that it has extradited dual Romanian/Latvian national Mihai Ionut Paunescu – known as “Virus” – to the United States from Colombia for allegedly designing malware used to steal money from bank accounts around the world and exploit the infrastructure used to distribute it.

Paunescu is said to be one of the creators of the Gozi virus, a Trojan horse that infected millions of computers in countries such as the United States, United Kingdom, Germany, Italy and Finland between 2007 and 2012. Distributed via corrupted PDF documents, the Gozi virus captured login credentials and bank passwords from infected machines, allowing its creators to steal tens of millions of dollars from bank accounts around the world.

According to a 2013 indictment in New York’s Southern District Court, Paunescu also ran a “bulletproof hosting” service that was rented out to other cybercriminals, providing servers that could be used for online criminal activities such as malware distribution and botnet control while keeping the identity of the operators anonymous.

The indictment also claims that NASA was a victim of the malware, with one of the allegations stating:

From the end of 2011 or towards the end of 2011 at least until the middle of 2012 or towards the middle of 2012, MIHAI IONUT PAUNESCU a/k/a “Virus” … caused the destruction of approximately 60 computers belonging to the National Aeronautics and Space Administration (“NASA”) infected with the Gozi virus, causing losses of approximately $19,000 to NASA.

According to other details shared by US prosecutors, Paunescu was also a pioneer of a financial model that has since become commonplace: he would rent access to the virus and its earnings to other cybercriminals rather than use it himself. Paunescu allegedly charged $500 per week to use the Gozi virus as a service.

In the aftermath of the main period of Gozi virus activity, Paunescu was arrested in Romania in 2012 but managed to avoid extradition after being released on bail. Almost 10 years later, he was arrested in Colombia in June 2021 after being detained at Bogota airport, according to Colombia’s attorney general.

In a statement, Damian Williams, U.S. Attorney for the Southern District of New York, underscored the willingness of prosecutors and law enforcement to pursue cybercriminals over the long term.

“Even though he was originally arrested in 2012, Paunescu will ultimately be held accountable in a US courtroom,” Williams said. “This case demonstrates that we will work with our law enforcement partners here and abroad to prosecute cybercriminals who target Americans, however long it takes.”

Previously, another Latvian programmer involved in designing the virus was also extradited to the United States and sentenced to 37 months in prison and a $7 million fine after negotiating a plea bargain.

Bulletproof hosting services play a crucial role in global cybercrime, but operators often evade prosecution by hiding their identities or basing their activities in obscure locations. In 2019, German police raided a former NATO bunker that had been converted into a bulletproof hosting data center by a Dutch national who bought it from local authorities.
