Global Malware Case Nets 10 Hackers, 5 at Large in Russia

PITTSBURGH (CN) – U.S. authorities leveled charges Thursday against a ring of European and Russian hackers they say tried to steal nearly $100 million from their victims through a malicious software attack.

The FBI is seeking five Russian fugitives who have been charged in connection with malicious software attacks that infected tens of thousands of computers worldwide and caused more than $100 million in financial losses. (FBI Pittsburgh Field Office via AP)

As described in the indictment unsealed this morning in Pittsburgh, the malware program GozNym infected nearly 41,000 computers worldwide between 2015 and 2016, using a sophisticated campaign of spam emails disguised as authentic banking sites and business transactions.

Prosecutors say the scheme was designed by a network of 10 hackers, five of whom are Russian nationals still at large. They found one another, according to the indictment, on websites like Mazafaka, Verified and DirectConnection, Russian-language internet forums frequented by cybercriminals.

Relying on one another’s highly specialized skills, the hackers living in Russia, Ukraine, Moldova and Georgia developed the malware program to be encrypted so as to avoid detection by antivirus utilities. They mostly targeted U.S. businesses, phishing for passwords and other sensitive security information with keystroke-logging software.

Any money that was stolen from their victims’ bank accounts was then transferred into Bitcoin and then laundered into a series of Eastern European financial institutions, according to the indictment.

The defendants face charges including conspiracy to commit money laundering and computer fraud, as well as wire and bank fraud.

Krasimir Nikolov, of Varna, Bulgaria, has been in U.S. custody in connection with this case since his December 2016 arrest by Bulgarian authorities.

Nikolov pleaded guilty last month in Pittsburgh in connection with the GozNym conspiracy and is scheduled to be sentenced on Aug. 30.

The five defendants who are already in custody are Alexander Konovolov, 35, of Tbilisi, Georgia; Marat Kazandjian, 31, of Kazakhstan and Tbilisi, Georgia; Gennady Kapkanov, 36, of Poltava, Ukraine; Alexander Van Hoof, 45, of Nikolaev, Ukraine; and Eduard Malanici, 32, of Balti, Moldova.

While Konovolov and Kazandjian are being prosecuted in Georgia for their roles in the GozNym criminal network, Kapkanov is facing prosecution in Ukraine, and Malanici is being prosecuted in Moldova, along with two associates.

The Russian defendants who remain at large are Vladimir Gorin, of Orenburg; Konstantin Volchkov, 28, of Moscow; Ruslan Katirkin, 31, of Kazan; Viktor Vladimirovich Eremenko, 30, of Stavropol; and Farkhad Rauf Ogly Manokhin, of Volgograd.

The Justice Department began the investigation that brought today’s charges following a report in 2016 that several U.S. financial institutions were missing funds.
