The Russian mastermind behind a computer virus that’s been used to steal tens of millions of dollars from American banks — and also infected about 190 NASA computers — has pleaded guilty to a slew of cyber-crimes and is cooperating with authorities, the feds revealed today.
Nikita Kuzmin, 25, was the “chief architect and promoter” of the “Gozi” virus, which has been secretly installed on more than 1 million computers worldwide — including about 40,000 in the U.S. — since its development in 2006.
He was busted quietly in November 2010 and cut a plea deal last year in hopes of avoiding nearly 100 years in the slammer.
Two other Eastern European men — one of whom aptly calls himself “Virus” — have also been arrested in their home countries for allegedly conspiring with Kuzmin to spread the malicious computer code.
Manhattan U.S. Attorney Preet Bharara said the feds are seeking to extradite Deniss “Miami” Calovskis, 27, and Mihai Ionut Paunescu, 28, who’s known as “Virus,” from Latvia and Romania, respectively, to face charges here.
Bharara called Kuzmin and the other men “three top international criminals” who served as an “Internet-age update on Willie Sutton,” the infamous Depression-era crook who said he robbed banks “because that’s where the money is.”
Manhattan FBI chief George Venizelos said the investigation of the Gozi virus began more than two years ago, and revealed that Kuzmin and others continually modified and upgraded the virus in an effort to keep it “a step ahead” of anti-virus programs.
The Gozi virus — which is often launched when a computer user clicks on an innocent-looking PDF file in an email — is designed to swipe personal banking information from individual and corporate computers so cyber-crooks can use it to drain the user’s bank accounts.
Court papers say the amounts stolen ranged as high as $6 million stolen from “two victims alone.”
Bharara said no money was stolen through the NASA infections, but court papers say the space agency incurred about $40,000 in damages as a result.
Bharara refused to comment on recent reports that a Russian hacker was recruiting accomplices for a massive cyber-attack, called “Project Blitzkrieg,” on 30 U.S. banks this spring using a variant of the Gozi virus.
But a law-enforcement source said authorities were investigating the threat, which was revealed in a Russian-language video posted on YouTube.
According to court papers, Kuzmin began designing the virus in 2005, creating a list of technical specifications and hiring a “sophisticated computer programmer” to write its source code.
Once the virus was created, Kuzmin leased it for use through various Internet forums devoted to cyber-crime and other criminal activities.
But after “various operational and technical difficulties” arose, in 2009 Kuzmin began selling copies of the virus for $50,000 a pop — plus a guaranteed share of whatever loot was stolen with it.
A Manhattan federal court indictment says his customers included a gang of unidentified thives who planned to use the virus to steal money from U.S. bank accounts “on a widespread basis.”
Calovskis accused of writing a “Web inject” program that tricked victims into providing personal information — including their Social Security numbers — after they logged onto their online bank accounts.
Paunescu is accused of renting computer servers and Internet Protocol addresses to provide “bulletproof” hosting services to spread the Gozi virus, along with other malicious software and spam emails.