Home
In this issue
April 9, 2014

Jonathan Tobin: Why Did Kerry Lie About Israeli Blame?

Samuel G. Freedman: A resolution 70 years later for a father's unsettling legacy of ashes from Dachau

Jessica Ivins: A resolution 70 years later for a father's unsettling legacy of ashes from Dachau

Kim Giles: Asking for help is not weakness

Kathy Kristof and Barbara Hoch Marcus: 7 Great Growth Israeli Stocks

Matthew Mientka: How Beans, Peas, And Chickpeas Cleanse Bad Cholesterol and Lowers Risk of Heart Disease

Sabrina Bachai: 5 At-Home Treatments For Headaches

The Kosher Gourmet by Daniel Neman Have yourself a matzo ball: The secrets bubby never told you and recipes she could have never imagined

April 8, 2014

Lori Nawyn: At Your Wit's End and Back: Finding Peace

Susan B. Garland and Rachel L. Sheedy: Strategies Married Couples Can Use to Boost Benefits

David Muhlbaum: Smart Tax Deductions Non-Itemizers Can Claim

Jill Weisenberger, M.S., R.D.N., C.D.E : Before You Lose Your Mental Edge

Dana Dovey: Coffee Drinkers Rejoice! Your Cup Of Joe Can Prevent Death From Liver Disease

Chris Weller: Electric 'Thinking Cap' Puts Your Brain Power Into High Gear

The Kosher Gourmet by Marlene Parrish A gift of hazelnuts keeps giving --- for a variety of nutty recipes: Entree, side, soup, dessert

April 4, 2014

Rabbi David Gutterman: The Word for Nothing Means Everything

Charles Krauthammer: Kerry's folly, Chapter 3

Amy Peterson: A life of love: How to build lasting relationships with your children

John Ericson: Older Women: Save Your Heart, Prevent Stroke Don't Drink Diet

John Ericson: Why 50 million Americans will still have spring allergies after taking meds

Cameron Huddleston: Best and Worst Buys of April 2014

Stacy Rapacon: Great Mutual Funds for Young Investors

Sarah Boesveld: Teacher keeps promise to mail thousands of former students letters written by their past selves

The Kosher Gourmet by Sharon Thompson Anyone can make a salad, you say. But can they make a great salad? (SECRETS, TESTED TECHNIQUES + 4 RECIPES, INCLUDING DRESSINGS)

April 2, 2014

Paul Greenberg: Death and joy in the spring

Dan Barry: Should South Carolina Jews be forced to maintain this chimney built by Germans serving the Nazis?

Mayra Bitsko: Save me! An alien took over my child's personality

Frank Clayton: Get happy: 20 scientifically proven happiness activities

Susan Scutti: It's Genetic! Obesity and the 'Carb Breakdown' Gene

Lecia Bushak: Why Hand Sanitizer May Actually Harm Your Health

Stacy Rapacon: Great Funds You Can Own for $500 or Less

Cameron Huddleston: 7 Ways to Save on Home Decor

The Kosher Gourmet by Steve Petusevsky Exploring ingredients as edible-stuffed containers (TWO RECIPES + TIPS & TECHINQUES)

Jewish World Review

Cybercrime takedown!

By Mark Clayton




How the Gozi cybercrime gang, responsible for a virus that infected more than a million computers around the world, including some operated by the US space agency and others by banks -- at a cost of Tens of millions of dollars -- was captured



JewishWorldReview.com | (TCSM) "In order to provide you with extra security, we occasionally need to ask for additional information when you access your account online."

Beginning in 2007, those innocuous-sounding words began appearing seemlessly and immediately on the personal computer screens of thousands of online banking victims in the US and worldwide right after they logged in to their accounts.

Many were duped into entering their mother's maiden name, social security numbers, and other personal data into the neat little labeled boxes.

Little did they know that the moment the personal data was entered, a trojan horse program inhabiting their personal computer immediately sent it to a computer server in California — and from there to a central command-and-control server in the Netherlands. After that, access to the stolen account data was sold to other criminals, who used it to enter the accounts and transfer out cash.

Tens of millions of dollars was stolen this way from online accounts, according to charges filed in a federal court in New York Wednesday against the alleged leading members of the Gozi Gang, cyber bank robber masterminds and creators of the infamous Gozi trojan, one of the world's most notorious and malicious bank-theft software programs.

According to the US attorney for New York's Southern District, the alleged gang leaders, three Eastern European men in US custody, played critical roles in producing and distributing the Gozi virus. They faced criminal charges ranging from conspiracy to commit bank fraud to access device fraud and computer intrusion, and maximum penalties ranging from 60 to 95 years in prison.


FREE SUBSCRIPTION TO INFLUENTIAL NEWSLETTER

Every weekday JewishWorldReview.com publishes what many in the media and Washington consider "must-reading". HUNDREDS of columnists and cartoonists regularly appear. Sign up for the daily update. It's free. Just click here.


Since 2007, Gozi has infected at least 1 million computers worldwide, including 40,000 in the US.

Documents released in federal court shed light on the federal takedown of the gang — including the three alleged international cybercriminals suspected of creating and distributing the Gozi virus (really a trojan horse program that creates an invisible digital back door) — as well as the inner workings of the gang.

First, they allege that Nikita Kuzmin, a Russian national, was the mastermind who set out the technical specifications and hired a programmer called only "CC-1" to create the Gozi Trojan in 2005. Mr. Kuzmin was arrested during a visit to the United States in November 2010, later pleading guilty to computer intrusion and fraud charges in May 2011.

Charged yesterday were Deniss Calovskis, a Latvian who goes by the online nickname, "Miami," who is alleged to have written some of the computer code that made the Gozi trojan so effective. He was arrested in Latvia in November 2012. He was indicted on several conspiracy charges, including conspiracy to commit aggravated identity theft.

Also charged was Mihai Ionut Paunescu, a Romanian whose alleged hacker handle is "Virus." Authorities say he operated a so-called "bulletproof hosting" service that enabled Kuzmin and other cybercriminals to distribute the Gozi trojan, the Zeus trojan, and other infamous malware. He was arrested in Romania in December 2012.

"As we have seen with increasing frequency, cybercriminals' bank heists require neither a mask nor a gun, just a clever program and an Internet connection," said Preet Bharara, US attorney for Manhattan, in a statement. "This case should serve as a wake-up call to banks and consumers alike, because cybercrime remains one of the greatest threats we face, and it is not going away anytime soon."

Once the Gozi trojan was coded, the court documents allege, Kuzmin began sharing it with other cybercriminals in exchange for a weekly fee through what he called his "76 Service."

Through the service, Kuzmin made the Gozi trojan's catch available to criminals, who could also configure the program to steal data of their choosing — for instance from a particular country. All the stolen data was stored for them on Mr. Paunescu's bullet-proof servers.

Meanwhile, Kuzmin advertised his "76 Service" on Internet cybercrime forums. Finally, in 2009, Kuzmin began to do what other cyber bank trojan makers had done long before — sell the actual source code to Gozi. The price: $50,000 a copy.

Along the way, Gozi infected 160 computers at NASA, stealing logon credentials there, as well as computers in Germany, Great Britain, Poland, France, Finland, Italy, and Turkey. "Where Gozi really was a trailblazer was in providing criminal-to-criminal services," says Don Jackson, a senior security researcher with the Counter Threat unit of Dell Secureworks in Atlanta, who first discovered Gozi in 2007.

"The 76 Service was not about selling the source code, but selling access to the infected computers," he says, "reaching out to other criminals and providing live data feeds."

After he first unveiled the workings of Gozi in 2007, the gang backed off of targeting US bank customers and focused instead on European victims. As a result, Mr. Jackson says that for about three years he had a hard time getting the attention of US law enforcement authorities, who were less concerned about European attacks. But that all changed around a few years later when the gang started hitting the US again, he says.

"About 2010, the Gozi gang began targeting US banks almost exclusively," Jackson says. "That's when FBI started calling again asking for information."

Jackson says the capture of Paunescu, the alleged bullet-proof hosting service provider, was a key to ending Gozi.

Unlike Gozi, other major banking trojan malware like Zeus and SpyEye is more user friendly for the criminals, involving point and click systems, thus making those operations more resilient - and even more dangerous, Jackson says.

But because the Gozi gang's inner circle was a tightly knit group, and because the trojan required more technical expertise to operate, he thinks that Gozi is likely to be dead in the long run, even if a few operators of the software try to persist.

"I think in this case they've finally cut off they head of the snake," he says.

=<<

Every weekday JewishWorldReview.com publishes what many in Washington and in the media consider "must reading." Sign up for the daily JWR update. It's free. Just click here.

Comment by clicking here.

© 2013, The Christian Science Monitor