Developer Of Citadel Trojan Faces 10 Year Prison Sentence

The Russian mastermind of the Citadel Trojan, which infected approximately 11 million computers around the world, has pleaded guilty to one count of computer fraud in an Atlanta courtroom.

Mark Vartanyan, 29, otherwise known as Kolypto, developed and distributed the notorious Citadel Trojan, which was used by criminal gangs to steal bank account data and hold files to ransom.

Vartanyan faces up to 10 years in prison, and a fine of $250,000, as well as “full restitution, due and payable immediately, to all victims of the offense(s)”, and “forfeiture of any and all proceeds from the commission of the offense”.

Prison Sentence

Vartanyan had been extradited from Norway in December to the United States.

According to US prosecutors, the malware he created whilst living in Ukraine and Norway infected about 11 million computers worldwide.

Indeed, Citadel was actually a malware toolkit that was designed to infect computer systems and steal financial account credentials and personally identifiable information from victim computer networks.

The malware was active from 2011, and was offered for sale on invite-only, Russian-language internet forums frequented by cybercriminals. According to US authorities, the criminals using Citadel targeted and exploited the computer networks of major financial and government institutions around the world.

They cited industry estimates as saying that Citadel was responsible for over $500 million (£399m) in losses.

Vartanyan pleaded guilty to one count of computer fraud, in a court in Atlanta, after he uploaded “numerous electronic files” for the Citadel malware.

But it should be noted that Vartanyan is co-operating with US authorities in exchange for a reduced prison sentence. He is due to be sentenced in June.

Vartanyan is also the second defendant charged in connection with an ongoing investigation of the Citadel malware.

Back in September 2015, another Russian, Dimitry Belorossov (also known as Rainerfox), was sentenced to four years, six months in prison following his guilty plea for conspiring to commit computer fraud by distributing and installing Citadel onto victim computers using a variety of infection methods.

Banking Security

Banks of course are a prime target for cyber criminals, thanks to the potentially lucrative rewards.

One of the most common threat vectors is the “Man-in-the-Browser” issue. This is where stealthy pieces of malware install a Trojan horse onto a victim’s computer that is capable not only of stealing usernames and passwords, but also of injecting arbitrary content into their computer.

The banking sector is particularly prone to this threat, and the malware can be used to steal usernames, passwords and PIN codes, and also modify websites in order to social engineer and steal additional credentials.


Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...
