Man Behind Virus That Stole Millions, Infected NASA Computers Reaches Deal

Gozi virus helped steal millions of dollars, infected NASA computers.

ByABC News
September 4, 2015, 2:48 PM
U.S. Attorney for the Southern District of New York Preet Bharara holds a news conference on the Gozi Virus in New York, Jan. 23, 2013.
U.S. Attorney for the Southern District of New York Preet Bharara holds a news conference on the Gozi Virus in New York, Jan. 23, 2013.
Carlo Allegri/Reuters

— -- A hacker who played a key role in developing a computer virus that stole millions of dollars from victims and even managed to infiltrate some NASA computers agreed to a plea deal today in New York federal court.

Deniss Calovskis, a Latvian national, pleaded guilty to conspiring to commit computer intrusion, prosecutors said. He'll be sentenced on Dec. 14 and faces a maximum 10 years in prison and a fine potentially as high as $250,000, according to a copy of the signed plea agreement.

Authorities have called the Gozi computer virus "one of the most financially destructive computer viruses in history" and alleged Calovskis was responsible for writing some of the code that allowed the virus to stealthily infiltrate victims' computers and avoid detection from spyware. He was arrested in November 2012.

The malicious code infected at least 40,000 computers in the U.S., including NASA computers, and was allegedly used to steal tens of millions of dollars from bank accounts around the world, according to the U.S. Department of Justice.

The malicious code, described as "one of the most financially destructive computer viruses in history," was first discovered by American cyber-security experts in 2007, but New York prosecutors said the criminal operation continued until March 2012.

Gozi spread to the U.S. no later than 2010 and eventually infected 160 computers belonging to NASA, according to court documents. In total, the scheme "caused tens of millions of dollars in losses and affected well over one million computers," court papers noted.

One method for infecting victims was to disguise the virus as a .pdf document, which when opened, would install the virus on the target's computer while remaining undetectable by anti-virus software, according to the Department of Justice. The virus would then collect personal data from the computer, including bank account information, which was then used to transfer funds from the victims and ultimately into accounts the hackers could access, the Department of Justice said.