Please E-mail suggested additions, comments and/or corrections to Kent@MoreLaw.Com.

Help support the publication of case reports on MoreLaw

Date: 06-12-2023

Case Style:

United States of America v. Mihai Ionut Paunescu, a/k/a "Virus"

Case Number: 1:13-cr-00041

Judge: Lorna G. Schofield

Court: United States District Court for the Southern District of New York (Manhattan County)

Plaintiff's Attorney: United States Attorney’s Office in New York City

Defendant's Attorney:




Click Here For The Best New York Criminal Defense Lawyer Directory




Description: New York City, New York criminal defense lawyer represented Defendant charged with conspiracy to commit computer intrusion in connection with running a “bulletproof hosting” service that enabled cybercriminals to distribute the Gozi Virus, the Zeus Trojan, the SpyEye Trojan, and the BlackEnergy malware, all of which were designed to steal confidential financial information.

Mihai Ionut Paunescu, a/k/a "Virus" conspired to distribute the Gozi Virus a malicious computer code or “malware” that stole personal bank account information, including usernames and passwords, from the users of affected computers. The Gozi Virus infected over one million victim computers worldwide, among them at least 40,000 computers in the United States, including computers belonging to the National Aeronautics and Space Administration (“NASA”), as well as computers in Germany, Great Britain, Poland, France, Finland, Italy, Turkey, and elsewhere. The Gozi Virus caused tens of millions of dollars in losses to the individuals, businesses, and government entities whose computers were infected. Once installed, the Gozi Virus – which was intentionally designed to be undetectable by anti-virus software – collected data from the infected computer in order to capture personal bank account information, including usernames and passwords. That data was then transmitted to various computer servers controlled by the cyber criminals who used the Gozi Virus. These cyber criminals then used the personal bank account information to transfer funds out of the victims’ bank accounts and ultimately into their own personal possession.

Similar to the Gozi Virus, the Zeus Trojan and the SpyEye Trojan were designed to steal confidential financial information from victims’ computers. BlackEnergy was initially designed to launch World Wide Web-based DDoS attacks and later upgraded to include the ability to steal account access credentials.

“Bulletproof hosting” services helped cyber criminals distribute the Gozi Virus with little fear of detection by law enforcement. Bulletproof hosts provided cyber criminals using the Gozi Virus with the critical online infrastructure they needed, such as Internet Protocol (“IP”) addresses and computer servers, in a manner designed to enable them to preserve their anonymity.

PAUNESCU operated a “bulletproof hosting” service that helped cyber criminals to distribute some of the world’s most harmful malware, including the Gozi Virus, the Zeus Trojan, the SpyEye Trojan, and BlackEnergy, as well to as commit other cybercrimes, such as transmitting spam, which is an often used means of distributing malware. PAUNESCU rented servers and IP addresses from legitimate Internet service providers and then, in, turn rented those resources to cybercriminals; provided servers that cyber criminals used as command-and-control servers to conduct DDoS attacks; monitored the IP addresses that he controlled to determine if they appeared on a special list of suspicious or untrustworthy IP addresses; and relocated his customers’ data to different networks and IP addresses, including networks and IP addresses in other countries, to avoid being blocked as a result of private security or law enforcement scrutiny.

* * *

In imposing the sentence, Judge Schofield gave PAUNESCU credit for the approximately one year and two months that the defendant was held in Romanian and Colombian custody prior to his extradition to the United States. In addition to his prison sentence, PAUNESCU, 39, of Bucharest, Romania, was ordered to forfeit $3,510,000 and pay restitution in the amount of $18,945.

Mr. Williams praised the investigative work of the Federal Bureau of Investigation. Mr. Williams also thanked the NASA Office of Inspector General and the Colombian National Police. In addition, Mr. Williams thanked the Department of Justice’s Computer Crime and Intellectual Property Section for its partnership in this matter. The U.S. Department of Justice’s Office of International Affairs of the Department’s Criminal Division, the Narcotic and Dangerous Drug Section Judicial Attachés in Bogota, Colombia, and the U.S. Marshal Service provided significant assistance in securing the defendant’s extradition from Colombia.

The prosecution of this case is being handled by the Office’s Complex Frauds and Cybercrime Unit. Assistant U.S. Attorney Sarah Lai is in charge of the prosecution.

18:1030A.F FRAUD ACTIVITY CONNECTED WITH COMPUTERS (CONSPIRACY TO COMMIT COMPUTER INTRUSION)
(1)

Outcome: Defendant was sentenced to 3 years in prison followed by three years of supervised release.

Plaintiff's Experts:

Defendant's Experts:

Comments:



Find a Lawyer

Subject:
City:
State:
 

Find a Case

Subject:
County:
State: