Trojan Author Pleads Guilty

Friday, March 24, 2017 @ 10:03 AM gHale


A Russian programmer thought to be the mastermind behind the Citadel Trojan which was responsible for stealing over $500 million from bank accounts, pleaded guilty to one count of computer fraud.

Mark Vartanyan, also known by the name of “Kolypto,” ended up arrested last year in Norway and extradited to America a month later. He ended up charged with one count of computer fraud, for which he pleaded guilty.

RELATED STORIES
Four Charged with Yahoo Hack Attack
Turkish Hacker gets 8 Years in Prison
Hacker with Russia Ties Faces Hacking Charges
Celebrity Hacker gets 9 Months

In exchange for his admission, Vartanyan could get up to 10 years in prison and a $250,000 fine, reduced from 25 years behind bars. He faces sentencing in June.

“We must continue to impose real costs on criminals who believe they are protected by geographic boundaries and can prey on the American people and institutions with impunity,” said FBI special agent David LeValley. “It further demonstrates the FBI’s long-term commitment to identifying and pursuing cyber criminals world-wide, and serves as a strong deterrent to others targeting America’s financial institutions and citizens through the use of malicious software.”

The Citadel Trojan goes all the way back to 2011 when it infected Windows PCs by learning victims’ online banking credentials which allowed bad guys to pilfer funds from bank accounts. Citadel could also spy on computers and hold files for ransom.

At its height, the malware infected 11 million computers and was responsible for the theft of over $500 million from bank accounts, U.S. prosecutors said.

“Between on or about August 21, 2012, and January 9, 2013, while residing in Ukraine, and again between on or about April 9, 2014, and June 2, 2014, while residing in Norway, Vartanyan allegedly engaged in the development, improvement, maintenance and distribution of Citadel. During these periods, Vartanyan allegedly uploaded numerous electronic files that consisted of Citadel malware, components, updates and patches, as well as customer information, all with the intent of improving Citadel’s illicit functionality,” prosecutors said.

There are still some versions of the malware still circulating. At its base, Citadel is a variant of the famous ZeuS banking Trojan.

Citadel was one of the first malware-as-a-service out there, with its source code sold on exclusive Russian dark web forums.



Leave a Reply

You must be logged in to post a comment.