
Cybercrime Blotter: Kolypto hacker pleads guilty to his role as Citadel malware co-developer

Vartanyan guilty plea

What happened? Russian national Mark Vartanyan pleaded guilty on Monday to one count of computer fraud related to his role in co-developing and distributing Citadel malware under the hacker alias Kolypto. Vartanyan, who has agreed to cooperate with federal prosecutors, reportedly faces a possible sentence of up to five years.

Jurisdiction: Assistant United States Attorney Steven D. Grimberg is prosecuting the case in the Northern District of Georgia, with assistance from the Justice Department's Office of International Affairs. The FBI led the original investigation. Vartanyan was arrested in Norway and extradited in December 2016, and was arraigned before U.S. Magistrate Judge Russell Vineyard.

Sentencing: Vartanyan is scheduled to be sentenced on June 21.

Background: Per a DOJ press release: Vartanyan was arrested for developing, improving, maintaining and distributing the Citadel data-stealing trojan that has historically been used against financial and government institutions, infecting about 11 million computers and costing over $500 million in losses.

Vartanyan was accused of engaging in this illegal activity sometime between August 2012 and January 2013 while in Ukraine, and again in 2014 while living in Norway. "During these periods, Vartanyan allegedly uploaded numerous electronic files that consisted of Citadel malware, components, updates and patches, as well as customer information, all with the intent of improving Citadel's illicit functionality," the DOJ reported in its release.

The DOJ's investigation into the original creator of the Citadel malware continues, the agency also noted.

Quotes: “This successful extradition is yet another example of how cooperation among international law enforcement partners can be used to disrupt and dismantle global cyber syndicates,” said U.S. Attorney John Horn. “This defendant's alleged role in developing and improving Citadel for its use by cybercriminals caused a vast amount of financial harm to individuals and institutions around the world. His appearance in federal court today shows that cybercriminals cannot hide in the shadows of the Internet. We will identify them and bring them to justice wherever they operate.”

“We must continue to impose real costs on criminals who believe they are protected by geographic boundaries and can prey on the American people and institutions with impunity,” said David J. LeValley, Special Agent in Charge, FBI Atlanta Office. “Vartanyan's arrest removes a significant player who was engaged in the development, improvement, maintenance and distribution of malware from the resources available to the cyber criminal underground, thereby deteriorating the capabilities of cyber criminal groups.”

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts and video/multimedia projects, often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.
