iTnews
  • Home
  • News
  • Technology
  • Security

Citadel malware writer 'Kolypto' charged

By Juha Saarinen on Mar 17, 2017 6:29AM
Citadel malware writer 'Kolypto' charged

Original developer still on the run.

A Russian man accused of being the main developer of the Citadel malware that infected millions of computers globally has been arraigned in a United States district court.

Mark Vartanyan was extradited last December from Norway where he worked as the chief technical officer for e-healthcare firm Dignio.

Known online as "Kolypto", he is alleged to have developed, improved, maintained, and distributed Citadel from August 2012 while living in Ukraine, and continuing to do so in 2014 after he moved to Norway.

US prosecutors said Citadel was for sale on invite-only Russian language crime forums from 2011. 

The malware was designed to steal financial account credentials and personal information while disabling anti-virus programs.

It is believed to have infected over 11 million computers worldwide, causing losses of over US$500 million (A$652 million).

Banks and financial institutions targeted by Citadel included American Express, Bank of America, Citigroup, Credit Suisse, PayPal, HSBC, JPMorgan Chase, Royal Bank of Canada, and Wells Fargo.

A joint operation including Microsoft and law enforcement in several countries took down the Citadel botnet in 2013.

Vartanyan was first thought to be "Aquabox", the original developer of Citadel who released the malware in 2011. This turned out to be incorrect and "Aquabox" is still at large.

Russia has protested Vartanyan's extradition to the US, saying it goes against international law.

Another Russian man, "RainerFox" or Dimitry Belorossov, received a four-and-a-half-year prison sentence in the United States in 2015 for using Citadel to infect over 7000 computers worldwide.

Earlier this week, US authorities indicted three Russian men and one Canadian over the massive Yahoo data breach in 2014. Two of the men, Dimitry Dokuchaev and Igor Suschkin, work for Russia's Federal Security Service FSB. 

Russian Alexsey Belan and former Kazakhstani national Karim Baratov, who now holds Canadian citizenship, were also indicted. Of the four, only Baratov has been arrested.

The US and Russia are squabbling over another cybercrime extradition case, involving Russian Yegenyiy Nikulin, alleged to be the mastermind behind the 2012 data breaches that affected professional networking site LinkedIn and cloud storage company Dropbox.

Nikulin, a multimillionaire entrepreneur, is currently being held by Czech authorities in Prague, with both the US and Russia requesting his extradition.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
botnetcitadeldimitry belorossovkolyptomalwaremark vartanyanrainerfoxsecurity

Partner Content

How to turn digital complexity into competitive advantage
Promoted Content How to turn digital complexity into competitive advantage
The Great Resignation has intensified insider security threats
Promoted Content The Great Resignation has intensified insider security threats
Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations
Security: Understanding the fundamentals of governance, risk & compliance
Promoted Content Security: Understanding the fundamentals of governance, risk & compliance

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

  • Micro Focus Information Management & Governance (IM&G) Forum 2022
  • CRN Channel Meets: CyberSecurity Live Event
  • IoT Insights: Secure By Design for manufacturing
  • Cyber Security for Government Summit
By Juha Saarinen
Mar 17 2017
6:29AM
0 Comments

Related Articles

  • VMware, F5, Log4j added to EnemyBot attack targets
  • FBI Cyclops Blink operation disinfected thousands of WatchGuard appliances
  • Sandworm crafts malware to run on ASUS routers
  • Google adds phishing protection to Workspace apps
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Qantas calls time on IBM, Fujitsu in tech modernisation

Qantas calls time on IBM, Fujitsu in tech modernisation

Service NSW hits digital services goal two years early

Service NSW hits digital services goal two years early

NBN Co taking orders for 'non-premises' connections

NBN Co taking orders for 'non-premises' connections

Australian scientists build world's first quantum computer IC

Australian scientists build world's first quantum computer IC

Digital Nation

IBM global chief data officer on the rise of the number crunchers
IBM global chief data officer on the rise of the number crunchers
COVER STORY: Operationalising net zero through the power of IoT
COVER STORY: Operationalising net zero through the power of IoT
Integrity, ethics and board decisions in the digital age
Integrity, ethics and board decisions in the digital age
Crypto experts optimistic about future of Bitcoin: Block
Crypto experts optimistic about future of Bitcoin: Block
The security threat of quantum computing
The security threat of quantum computing
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.