
Russian Hacker Behind Citadel Malware Faces 10 Years In Prison

A Russian hacker behind the Citadel malware toolkit pleaded guilty to computer fraud and faces a sentence of 10 years in a U.S. prison.

According to a report, Mark Vartanyan, who went by the online handle “Kolypto” and was behind the malware toolkit that resulted in more than $500 million being stolen from bank accounts, was extradited from Norway this past December and pleaded guilty earlier in the week in an Atlanta court. The Russian is slated to be sentenced in June, noted the report.

Citing U.S. authorities, the report noted that Citadel first made the rounds for sale on Russian-language forums in 2011. Hackers reportedly purchased the malware and used it to target computer networks of financial and government institutions, including in the U.S. Since it first went up for sale, Citadel has been responsible for infecting around 11 million computers around the globe and is to blame for more than $500 million in stolen money.

The U.S. Department of Justice said, according to the report, that for longer than two years starting in 2012 the defendant took part in the “development, improvement, maintenance and distribution” of Citadel. He is charged with uploading electronic files that consisted of Citadel malware, components, updates and patches, and customer information, noted the report. According to the report, Vartanyan is the second person to be charged as the result of an investigation into Citadel malware. Two years ago, Dimitry Belorossov was sentenced to four years and six months in prison after pleading guilty to charges that he committed computer fraud by distributing and installing the malware on unsuspecting victims’ computers.

In a separate action, a Lithuanian man was arrested over a phishing scheme that resulted in internet companies wiring more than $100 million to bank accounts he controlled. According to U.S. law enforcement officials, Evaldas Rimasauskas posed as an Asian-based computer hardware manufacturer to trick a “multinational technology company and a multinational online social media company” into sending him money.


