The Department of Justice has indicted a Moldovan man for his role in “one of the most pernicious malware threats in the world.”
The indictment, unsealed on Tuesday, accuses Andrey Ghinkul of acting as part of a conspiracy that spread a botnet known as Bugat.
The malware package was distributed through email and stole personal and financial information — like online banking credentials — from infected computers. It was specifically designed to evade antivirus protections.
U.S. law enforcement has put a stop to the spread of the malware, but the FBI estimates that at least $10 million in domestic losses can be attributed to Bugat.
According to the indictment, Ghinkul and others caused unauthorized transfers from a Pennsylvania school district’s First National Bank account and a Penneco Oil account at First Commonwealth Bank.
In the case of the transfers from the Penneco Oil account — including one to the tune of $2 million — the company’s account information was allegedly obtained through a phishing email sent to a Penneco Oil employee.
Ghinkul has been charged with criminal conspiracy, unauthorized computer access with intent to defraud, damaging a computer, wire fraud and bank fraud.
He was arrested in August in Cyrus. The U.S. is currently seeking his extradition.