Malware writers face extradition


International law enforcement efforts received a boost last month when officials in the U.S. and Europe signed off on a data-protection agreement intended to lay out a process for how personally identifiable information (PII) is safeguarded when exchanged across borders. A result of four years of effort, the “Umbrella Agreement” is just one step in an evolving – and often cluttered and ill-defined – network of rules to aid in the prosecution of criminals and terrorists. 

“The Umbrella Agreement will provide safeguards and guarantees of lawfulness for data transfers, thereby strengthening fundamental rights, facilitating EU-U.S. law enforcement cooperation and restoring trust,” the European Commission said.

“Robust cooperation between the EU and the U.S. to fight crime and terrorism is crucial to keep Europeans safe,” EU Commissioner Vera Jourová said. She also emphasized, however, that ensuring the privacy of individuals, ensured by strong data protection rules, was an essential aspect of the agreement.

The ratification of the deal faces obstacles as the U.S. Congress must reciprocate by passing a bill to ensure Europeans can sue in U.S. court should their data be misused.

Certainly, the arrest in Cyprus in early September of one of the alleged masterminds behind the creation of banking malware Dridex – capable of siphoning credentials of online banking websites so as to enable an attacker to use those credentials to initiate transfers and steal funds – is an indication of increasing global cooperation. The unnamed 30-year-old Moldova man will now be extradited to the U.S.

Cybersecurity blogger Brian Krebs noted that the Dridex arrest comes around the same time as the arrest of a Russian man in Norway. That man allegedly developed Citadel, a banking malware used in the breach of Target Corp. in November. The 27-year-old man, identified only by Mark, is set to be extradited to the U.S. as well.

Meanwhile, also last month, Deniss Calovskis, a 30-year-old arrested in February and extradited to the U.S. from Latvia, admitted in a federal court in New York that he was one of the coders responsible for Gozi, a trojan that infected more than a million machines worldwide five years ago. He had prior claimed he was innocent to any role in creating the malware family used in numerous cyberheists.

Calovskis and cohorts earned tens of millions of dollars distributing the malware, according to a statement from the FBI. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.