Security Experts:

Connect with us

Hi, what are you looking for?



Colombia Catches Hacker Wanted in the U.S. for ‘Gozi’ Virus

Colombian officials say they have arrested a Romanian hacker who is wanted in the U.S. for distributing a virus that infected more than a million computers from 2007 to 2012.

Colombian officials say they have arrested a Romanian hacker who is wanted in the U.S. for distributing a virus that infected more than a million computers from 2007 to 2012.

Mihai Ionut Paunescu faces computer intrusion and banking fraud charges in New York, where prosecutors say he was part of a ring of criminals that developed and spread the “Gozi” virus and other forms of malware that were used to steal money from bank accounts.

Prosecutors say that Gozi infected computers in at least eight countries, including the United States, Germany, Finland and the United Kingdom.

Victims included individuals, corporations and also computers belonging to NASA.

The virus traveled within PDF documents and once it entered a computer it was able to steal bank account passwords, enabling cyber criminals to take “tens of millions of dollars” from victims according to an indictment filed in the Southern District Court of New York.

Prosecutors say Paunescu designed hosting systems that helped cyber criminals to share the virus files without being detected. The virus was rented out to criminal operators for a fee of $500 a week.

In 2016, the virus’ creator, Nikita Kuzmin, was sentenced to 37 months in prison and fined $7 million following a plea bargain. A Latvian programmer who helped design the virus also received a 21-month prison sentence after being extradited to the U.S.

Paunescu had been arrested in Romania in 2012, but was able to avoid extradition. Colombia’s Attorney General’s office said he was detained at Bogota’s international airport, sporting a thick beard and wearing a red t-shirt.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...