A Ukrainian national has pleaded guilty to leading two prolific malware schemes and is facing up to 40 years' imprisonment.
The US Department of Justice said that Vyacheslav Igorevich Penchukov was behind the Zeus and IcedID malware campaigns, which led to tens of millions of dollars in losses across thousands of organizations.
The University of Vermont Medical Center was a victim of one of Penchukov's campaigns in 2020.
The ransomware attack meant the center was unable to provide many critical patient services for over two weeks and resulted in losses of over $30m. Penchukov was arrested in Geneva, Switzerland, in October 2022 after nearly a decade on the FBI's Cyber Most Wanted List.
The Zeus malware campaign began in May 2009, led by Penchukov and his co-conspirators, and quickly became the weapon of choice for criminals targeting financial institutions and their online customers.
The group would install the malware on victims' computers, enabling them to capture bank account information, passwords, personal identification numbers and other information necessary to log into online banking accounts.
Penchukov and his associates then falsely told banks that they were employees of the victim and authorized to transfer funds from their bank accounts.
This resulted in banks making unauthorized transfers of funds from these accounts.
These mules would then withdraw and wire funds overseas to accounts controlled by Penchukov's co-conspirators.
Two members of the Zeus group pleaded guilty to their role in the campaign in November 2014, receiving a sentence of two years and 10 months of incarceration.
After being added to the FBI's Cyber Most Wanted List, Penchukov launched a new cybercriminal campaign using the IcedID malware, which started from at least November 2018.
IcedID enabled Penchukov and co-conspirators to collect and transmit personal information from victims, including credentials for banking accounts.
This malware also provided access to infected computers for other forms of malicious software, including ransomware, of which the University of Vermont Medical Center was a victim.
Zeus and IcedID malware have been used by various cybercrime groups, infecting victims via a range of techniques, including phishing emails.
Penchukov will be sentenced on May 9, 2024, and faces a maximum penalty of 20 years in prison for each count.
The US has recently imposed hefty penalties on prosecuted cybercriminals.
In January 2024, the DoJ announced that 19 individuals involved in managing and using the late xDedic cybercrime marketplace were handed lengthy prison sentences.
In September 2023, a Russian businessman was sentenced to nine years in prison for an elaborate corporate hacking scheme that defrauded American businesses to the tune of approximately $93m.
This Cyber News was published on www.infosecurity-magazine.com. Publication date: Mon, 19 Feb 2024 12:00:19 +0000