Geoffrey S. Berman, the United States Attorney for the
Southern District of New York, announced that STANISLAV VITALIYEVICH LISOV,
a/k/a “Black,” a/k/a “Blackf” (“LISOV”), was sentenced to 48 months in prison
today for conspiring to deploy and use a type of malicious software known as
NeverQuest to infect the computers of unwitting victims, steal their login
information for online banking accounts, and use that information to steal
money out of the victims’ accounts.
NeverQuest has been responsible for millions of dollars’ worth of
attempts by hackers to steal money out of victims’ bank accounts. LISOV was sentenced by U.S. District Judge
Valerie E. Caproni, who presided over his guilty plea earlier this year.
U.S. Attorney Geoffrey S. Berman stated: “Stanislav Vitaliyevich Lisov, a Russian
hacker, used malware to infect victims’ computers, obtain their login
credentials for online banking accounts, and steal money from their
accounts. This type of cybercrime threatens
personal privacy and harms financial institutions. Lisov’s arrest, extradition, conviction, and
prison sentence should send an unmistakable message about this Office’s firm
commitment to prosecuting hackers – domestic and foreign alike.”
According to the allegations in the Indictment to which
LISOV pled guilty, public court filings, and statements made in court:
NeverQuest is a type of malicious software, or malware,
known as a banking Trojan. It can be
introduced to victims’ computers through social media websites, phishing
emails, or file transfers. Once
surreptitiously installed on a victim’s computer, NeverQuest is able to
identify when a victim attempted to log onto an online banking website and
transfer the victim’s login credentials – including his or her username and
password – back to a computer server used to administer the NeverQuest
malware. Once surreptitiously installed,
NeverQuest enables its administrators remotely to control a victim’s computer
and log into the victim’s online banking or other financial accounts, transfer
money to other accounts, change login credentials, write online checks, and
purchase goods from online vendors.
Between June 2012 and January 2015, LISOV was responsible
for key aspects of the creation and administration of a network of victim
computers known as a “botnet” that was infected with NeverQuest. Among other things, LISOV maintained
infrastructure for this criminal enterprise, including by renting and paying
for computer servers used to manage the botnet that had been compromised by
NeverQuest. Those computer servers
contained lists with approximately 1.7 million stolen login credentials –
including usernames, passwords, and security questions and answers – for
victims’ accounts on banking and other financial websites. LISOV had administrative-level access to
those computer servers.
LISOV also personally harvested login information from
unwitting victims of NeverQuest malware, including usernames, passwords, and
security questions and answers. In
addition, LISOV discussed trafficking in stolen login information and
personally identifying information of victims.
On January 13, 2017, LISOV was arrested in Spain pursuant to
a provisional arrest warrant. On January
19, 2018, LISOV was extradited from Spain to the United States.
* * *
In addition to his prison term, LISOV, 34, a citizen of
Russia, was sentenced to three years of supervised release, and was ordered to
pay forfeiture of $50,000 and restitution of $481,388.04.
Mr. Berman praised the outstanding investigative efforts of
the Federal Bureau of Investigation.
The matter is being handled by the Office’s Complex Frauds
and Cybercrime Unit. Assistant U.S.
Attorney Michael D. Neff is in charge of the prosecution.
Posts
No comments:
Post a Comment