Threat Management, Malware

Three GozNym members sentenced domestically, internationally

A three-year-old investigation and prosecution of cybercriminals aligned with the multinational GozNym network resulted last week in the sentencing of a Bulgaria resident in a Pittsburgh federal court. In a related action, a Tbilisi, Georgia court handed down prison sentences of seven and nine years to two Georgian members of the group, following a lengthy trial.

In the Pittsburgh case, U.S. District Judge Nora Barry Fischer ruled that Krasimir Nikolov, 47, will be sent back to Bulgaria three years after already serving more than 39 months in a U.S. prison. In September 2016, Nikolov was arrested in Bulgaria, from which authorities extradited him to the U.S. for prosecution on charges of criminal conspiracy, computer fraud and bank fraud.

The country of Georgia was not among the countries that were victimized by the GozNym network, which in 2015 and 2016 infected roughly 41,000 computers with banking malware and stole approximately $100 million from victims. However, the former Soviet nation cooperated in successfully prosecuting two of its residents: Alexander Konovolov, known as “NoNe,” or “none_1,” and Marat Kazandjian, known as “phant0m.” Konovolov was identified as the primary organizer and leader of the GozNym network, while Kazandjian was Konovolov’s primary assistant and technical administrator.

In May 2019, the U.S. indicted 10 individuals in connection with GozNym, charging them with conspiracy to commit computer fraud, conspiracy to commit wire fraud and bank fraud, and conspiracy to commit money laundering. Five of these individuals were arrested in European countries that are diplomatically friendly with the U.S., including Bulgaria, Georgia, Germany, Moldova and Ukraine. The remaining five fugitives are believed to be hiding out in Russia. 

According to a Dec. 20 Justice Department press release, Nikolov was to be transferred into U.S. Immigration and Customs Enforcement custody, awaiting extradition to Bulgaria.

The Georgian prosecution was based on violations of Georgian criminal laws perpetrated by Konovolov and Kazandjian against GozNym victims in the U.S., including victims in the Western District of Pennsylvania.

Authorities in the U.S. and Georgia lauded the latest actions as testament that cybercrime can and will be successfully prosecuted across international borders.

In the press release, United States Attorney Scott W. Brady stated, “borderless cybercrime necessitates a borderless response. This new paradigm involves unprecedented levels of cooperation with willing and trusted law enforcement partners around the world who share our goals of searching, arresting and prosecuting cybercriminals no matter where they might be.”

FBI Pittsburgh Special Agent in Charge Robert Jones added, “Through international cooperation with multiple agencies, we were able to target, take down and bring to justice members of this criminal enterprise.” 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.