Citadel Author Sentenced to Five Years in Prison

A Russian man this week was sentenced to five years in prison for his involvement in the development and maintenance of the Citadel banking malware.

Known under the handle of “Kolypto,” Mark Vartanyan was arrested in Norway and extradited to the United States in December 2016. In March 2017, he pleaded guilty in court. Charged with one count of computer fraud, he will serve his sentence in federal prison.

The Citadel malware was designed to steal sensitive information such as online banking login credentials through its keylogging capabilities. It ensnared infected machines in botnets and affected millions of people globally. The malware was estimated in 2013 to have been responsible for over $500 million in financial fraud.

Based on the leaked source code of the Zeus banking Trojan, Citadel spawned numerous variants, the most recent of which is called Atmos and is said to be Citadel’s polymorphic successor. In April last year, Atmos had over 1,000 bots.

“Citadel caused vast amounts of harm to financial institutions and individuals around the world. Mark Vartanyan utilized his technical expertise to enable Citadel into becoming one of the most pernicious malware toolkits of its time, and for that, he will serve significant time in federal prison,” U.S. Attorney John Horn said.

Also capable of stealing personally identifiable information from victim computer networks, Citadel started being sold in 2011 on invite-only, Russian-language cybercriminal forums.

Citadel operators are said to have targeted and exploited the computer networks of major financial and government institutions worldwide, including financial institutions in the United States. The malware infected an estimated 11 million computers.

According to the information presented in court, Vartanyan was involved not only in the development and maintenance of Citadel, but also in the improvement and distribution of the malware. He engaged in such activities between on or about August 21, 2012 and January 9, 2013, while residing in Ukraine, and between on or about April 9, 2014 and June 2, 2014, while residing in Norway, the Department of Justice reveals.

“Malicious software and botnets are rarely created by a single individual. Cybercrime is an organized team effort involving sophisticated, talented, and tech savvy individuals. Today’s sentencing of Mr. Vartanyan […] both removes a key resource from the cyber underworld and serves as a strong deterrent to others who may be contributing to the development of botnets and malware. The threat posed by cyber criminals in the U.S. and abroad is ever increasing,” David J. LeValley, Special Agent in Charge, FBI Atlanta Field Office, said.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
