The creator of the Citadel Malware-as-a-Service, the Russian Mark Vartanyan (aka Kolypto), has pleaded guilty to charges in an Atlanta federal court. This comes soon after the malware developer’s extradition from Norway. Since the hacker pleaded guilty, he’ll likely spend about five years in prison, similar to another Russian crook, Rainerfox, who was sentenced to four and a half years.
The Citadel Banking Trojan
The Citadel malware is a banking Trojan. It’s used by crooks to steal banking credentials and extort money. According to some estimates, the malware was used to steal about half a billion dollars. The malware was distributed in Russian underground forums, in which Kolypto was very active. The original code for Citadel borrowed heavily from the ZeuS banking Trojan.
The arrest of Mark Vartanyan means that he can’t develop or distribute his malware anymore, but it’s not exactly a massive victory for cybersecurity. Citadel could still prove useful for scammers. The $500 million damage has already been done. Kolypto was also something of a pillar of the criminal community, as he often communicated with other crooks and updated his code based on their feedback.
As with almost all software and malware, banking Trojans are often created by big teams working in collaboration. Most of the Citadel developers are still at large. Vartanyan has agreed to cooperate with the authorities as part of his court deal. We’re yet to see if that will produce any results and if any more crooks will face justice for their criminal activities.