US, European officials bring charges in global malware case

This undated poster released by the FBI includes five Russian fugitives that have been charged in connection with malicious software attacks that infected tens of thousands of computers worldwide and caused more than $100 million in financial losses. (FBI Pittsburgh Field Office via AP)
This undated poster released by the FBI includes five Russian fugitives that have been charged in connection with malicious software attacks that infected tens of thousands of computers worldwide and caused more than $100 million in financial losses. (FBI Pittsburgh Field Office via AP)

WASHINGTON (AP) - Ten people, including five Russian fugitives, have been charged in connection with malicious software attacks that infected tens of thousands of computers worldwide and sought to steal $100 million from victims, U.S. and European authorities announced Thursday.

The malware enabled criminals from Eastern Europe to take remote control of infected computers and siphon funds from victims' bank accounts, and targeted companies and institutions across all sectors of American life. Victims included a Washington law firm, a church in Texas, a furniture business in California, a casino in Mississippi and a Pennsylvania asphalt and paving business.

Several defendants are awaiting prosecution in Europe, and five are Russians who remain fugitives in that country. An 11th participant in the conspiracy was extradited to the United States from Bulgaria in 2016 and pleaded guilty last month in a related case in federal court in Pittsburgh, where Thursday's indictment was brought.

Though the Justice Department has pursued multiple malware prosecutions in recent years against foreign hackers, this case stands out as a novel model of international collaboration, said Scott Brady, the U.S. attorney in Pittsburgh.

Instead of seeking the immediate extradition of all 10 defendants - an often cumbersome process that can take years of negotiations - American authorities shared evidence with their European counterparts to allow officials in Ukraine, Moldova and Georgia to initiate prosecutions in the nations where the defendants reside.

"It represents a paradigm change in how we prosecute cybercrime," Brady said in an interview with the Associated Press before a news conference in The Hague with a coalition of a half-dozen countries.

Cybercrime networks "are increasingly targetable" when investigators work together, Robert Jones, the FBI special agent in charge of the Pittsburgh office, said at the news conference. "International cooperation is no longer a nicety, it's a requirement," he said.

Other law enforcement officials also said the strategy represents the new face of combating high-tech crime.

Cybercrime has no borders, and criminals have taken advantage of the legal complexities of trying to fight it, said Steven Wilson, head of the European CyberCrime Centre at Europol. "Only through international cooperation can we hope to tackle it," he said, adding the charges "provide for a safer internet for all of us."

The charges in the indictment include conspiracy to commit computer fraud, conspiracy to commit wire and bank fraud and conspiracy to commit money laundering.

The investigation was an outgrowth of the Justice Department's dismantling in 2016 of a network of computer servers, known as Avalanche, which hosted more than 20 different types of malware. GozNym, the malware cited in Thursday's case, was among the ones hosted on the network and was designed to automate the theft of sensitive personal and financial information.