Weissblick - Fotolia

Citadel malware developer jailed

A Russian man believed to be one of the developers of the Citadel malware used to steal millions by infecting around 11 million computers around the world

Moscow-born Russian Mark Vartanyan has been sentenced to five years in prison by a US district court after pleading guilty to computer fraud.

Vartanyan, whose online handle was Kolypto, is believed to have helped develop, improve and maintain the Citadel malware while living in Ukraine between August 2012 and January 2013, and while living in Norway from April to June 2014.

He was arrested in Norway in October 2014 and extradited to the US in December 2016, but cut a deal with US authorities in March 2017 for a reduced sentence in return for cooperating with investigators.

Vartanyan’s sentence also took into account the two years he spent in jail in Norway, according to Reuters.

Citadel was developed to infect computer networks of major financial and government institutions around the world and steal user credentials to carry out fraudulent transactions, diverting money to cyber criminals.

The malware, which is a variant of the Zeus banking Trojan and used keylogging to steal banking credentials, is believed to have enabled the theft of around $500m from millions of people in 90 countries.

Vartanyan and his accomplices tricked victims into downloading the malware by sending fake emails that appeared to come from legitimate financial institutions, but contained malicious links.

They later made it more difficult to detect and remove the malware by blocking victims’ access to legitimate antivirus or antimalware sites.

Read more about Citadel malware

In June 2013, Microsoft, security firm Agari and the Financial Services Information Sharing and Analysis Center (FS-ISAC) worked with the FBI to disrupt the Citadel botnet and eventually the malware’s source code was reportedly leaked, which helped antivirus firms to identify and block it.

“Mark Vartanyan utilised his technical expertise to enable Citadel to become one of the most pernicious malware toolkits of its time, and for that, he will serve significant time in federal prison,” US attorney John Horn said in a statement.

Vartanyan is the second Russian man to be sentenced in connection with the Citadel malware after Dimitry Belorossov was sentenced to four-and-a-half years in jail in 2015 after pleading guilty to charges related to Citadel’s distribution. He was extradited to the US after being arrested while on holiday in Spain.

Read more on Hackers and cybercrime prevention