The creator of one of the world’s first pieces of banking malware has been forced to pay nearly $7 million after being sentenced to time served of 37 months in a Manhattan court on Monday.
Russia-born Nikita Kuzmin had already pleaded guilty to several hacking and fraud offenses in 2011.
He was accused of creating the Gozi malware, which began stealing victims’ bank account information in around 2007, undetected by most AV software.
In total, he was ordered to pay “forfeiture and restitution” of $6,934,979 – partly a reflection of the damage caused by his malware, which is said to have infected a million computers around the world and cost tens of millions in losses.
Kuzmin is also credited in a DoJ release outlining the case with being one of the first cyber-crimnals to hire out his services and infrastructure to others.
He apparently rented out the Gozi executable to other hackers for $500 per week – to be paid in digital currency, WebMoney. Using the online alias “76” he would allow them to access the C&C server where the stolen data was sent.
Customized “web injects” could additionally be bought by Kuzmin’s clients to target attacks at specific banks, according to the DoJ.
Deniss Calovskis, aka ‘Miami,’ was handed down 21 months back in January for his part in writing the code for these web injects.
Kuzmin’s underground “76 Service” business is said to have made him at least $250,000.
When they finally located the C&C server, investigators in the case found 10,000 stolen account records belonging to over 5200 PC users – including log-ins for more than 300 global banks and other financial services firms.
Despite the multi-million dollar order by the court to pay up, Kuzmin escaped more jail time.
Others involved in the case include Mihai Ionut Paunescu, aka ‘Virus,’ who is accused of supporting Kuzmin via his bulletproof hosting service. He’s apparently awaiting extradition, having been arrested in Romania in 2012.