Last of the Gozi 3 sentenced over Windows info-stealing malware ops
The last of the three men said to be responsible for infecting Windows computers with the banking trojan Gozi has been sentenced to three years.
Mihai Ionut Paunescu, 37, was said to have supplied the bulletproof hosting that is so vital for the efficient running of malware ops, allowing his co-conspirators to distribute the Gozi malware that stole confidential financial information from millions of computers, among them some Windows boxes running at NASA. The Romanian national, who Feds say was also known as "Virus," was sentenced to three years in prison on Monday.
Unlike many cybercriminals at the time, who profited from malware solely by using it to steal money, Kuzmin rented out Gozi to other criminals, pioneering the model of cybercriminals as service providers for other criminals.
For a fee of $500 a week paid in WebMoney, a digital currency widely used by cybercriminals, Kuzmin rented the Gozi "Executable," the file that could be used to infect victims with Gozi malware, to other criminals.
Gozi malware is still in widespread use by today's criminals. Researchers at Check Point attribute its longevity partly to an incident in which the source code of the Gozi "ISFB" variant leaked some time between 2013 and 2015.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/06/13/paunescu_sentence_gozi/