Russian National Receives 5 Years In Jail For Role In Citadel Attacks

Published: 22/11/2024   Category: security




Mark Vartanyan is the second individual to be sent to prison in connection with Citadel.



A US federal court in Atlanta this week sentenced Russian national Mark Vartanyan to five years in prison for his role in developing, improving and distributing Citadel, a malware kit that was used to steal an estimated $500 million from individuals and financial institutions worldwide.
Vartanyan, who also used the moniker Kolypto, had previously pleaded guilty to computer fraud charges in March 2017 after being extradited to the US from Norway last December.
Federal authorities had charged Vartanyan with developing, improving, maintaining, and distributing Citadel while residing in Ukraine and later in Norway between August 2012 and June 2014. During that period, he uploaded numerous files consisting of Citadel software, components, updates and patches, all with the intent to improve the malware's functionality.
Vartanyan was arrested in Norway in October 2014. He will receive credit for time spent in custody since then, which means he will be eligible for release in less than three years.
"Mark Vartanyan utilized his technical expertise to enable Citadel into becoming one of the most pernicious malware toolkits of its time," US Attorney John Horn said in a statement announcing the sentence Wednesday. "For that, he will serve significant time in federal prison."
Citadel first surfaced in 2011 and was assembled using leaked source code for Zeus, a banking Trojan. It was initially made available to cybercriminals on an invitation-only basis on multiple Russian-language online forums.
The malware was designed to steal payment card data, personal data, and information for logging into bank accounts. It was typically installed on victim computers in the form of a drive-by download, though cybercriminals employed multiple other infection methods as well. For instance, the creators of the malware bundled it into pirated versions of Windows XP installed on computers sold in multiple countries. In many cases, Citadel blocked infected computers from accessing antimalware sites, making it harder to detect and remove the malware.
In all, cybercriminals infected some 11 million systems globally with Citadel and turned the systems into remotely controlled bots. The malware's victims included organizations such as Citigroup, Bank of America, American Express, and Wells Fargo.
In June 2013, Microsoft announced that the company, along with the FBI and law enforcement authorities from multiple countries, had managed to severely disrupt Citadel operations by shutting down more than 1,400 botnets associated with the malware. At the time, Microsoft had noted that cybercriminals were using fraudulently obtained signing keys for Windows XP to bundle Citadel into the operating system.
Even after that cooperative operation, though, Citadel continued to be a threat.
In 2014, for instance, security researchers reported seeing the malware being used to attack the password managers used by many organizations to store and secure their online account credentials. The same year, IBM researchers said they had observed a Citadel variant being used to conduct cyberspying operations against petrochemical companies in the Middle East. Last year, security vendor Heimdal Security said it had discovered the malware being used in a modified form to attack banks in France.
Vartanyan is the second individual sentenced to jail time for activities connected to Citadel malware.
In September 2015, another Russian national, Dimitry Belorossov, was sentenced to four-and-a-half years in prison for developing, distributing and installing Citadel on computers worldwide. Belorossov pleaded guilty to operating a Citadel botnet comprising over 7,000 infected systems, including those belonging to multiple US banks, financial institutions, and a federal court in Georgia.
