Gozi banking malware “IT chief” finally jailed after more than 10 years
He was the Gozi group's web expert, coding up bogus HTML content that the malware could inject into legitimate web pages in order to trick victims and steal their account information.
Unlike many cybercriminals at the time, who profited from malware solely by using it to steal money, Kuzmin rented out Gozi to other criminals, pioneering the model of cybercriminals as service providers for other criminals.
For a fee of $500 a week paid in WebMoney, a digital currency widely used by cybercriminals, Kuzmin rented the Gozi "Executable", the file that could be used to infect victims with Gozi malware, to other criminals.
Kuzmin designed Gozi to work with customized "Web injects" created by other criminals that could be used to enable the malware to target information from specific banks; for example, criminals who sought to target customers of particular American banks could purchase web injects that caused the malware to search for and steal information associated with those banks.
Once Kuzmin's customers succeeded in infecting victims' computers with Gozi, the malware caused victims' bank account information to be sent to a server that Kuzmin controlled where, as long as the criminals had paid their weekly rental fee, Kuzmin gave them access to it.
"Virus", was sentenced to three years in prison today [] for conspiracy to commit computer intrusion in connection with running a "Bulletproof hosting" service that enabled cybercriminals to distribute the Gozi Virus, the Zeus Trojan, the SpyEye Trojan, and the BlackEnergy malware, all of which were designed to steal confidential financial information.