Russian Citadel Malware Creator Gets Five Years

A Russian man who helped develop and distribute malicious software designed to steal personal financial information was sentenced Wednesday in Atlanta to serve five years in prison.

Mark Vartanyan, also known as "Kolypto," had pleaded guilty in March to a computer fraud charge after reaching a deal with prosecutors.

U.S. District Judge Mark Cohen said Vartanyan would receive credit for time served, including more than two years in a prison in Norway following his arrest there in October 2014. He will be turned over to immigration authorities for deportation once he serves his sentence.

Starting in 2011, Citadel was marketed on invite-only, Russian-language internet forums used by cybercriminals, and users targeted the computer networks of major financial and government institutions around the world to steal financial account credentials and personally identifiable information, prosecutors have said. Industry estimates indicate it infected about 11 million computers worldwide and caused more than $500 million in losses.

Vartanyan, a native of Moscow, was involved in the development, improvement, maintenance and distribution of Citadel from August 2012 to January 2013 while living in Ukraine and again from April 2014 to June 2014 while living in Norway, prosecutors have said. His attorney said he was working for a healthcare technology company in Norway.

Vartanyan didn't author the malware, federal prosecutor Steven Grimberg told the judge, but "he was, for lack of a better term, the 'mechanic,' the person who made it more pernicious."

Prosecutors requested a five-year sentence, much lower than possible, because Vartanyan quickly showed remorse and began helping the government, Grimberg said. Details of his cooperation were not revealed.

"I have rarely come across an individual who has been as sorry for his role as Mark Vartanyan," he said.

Nevertheless, Grimberg said, cybercriminals often operate in countries that don't allow for extradition, so it's important to send a message that anyone who...

Comments are closed.