US charges man in $10M malware scheme

The Department of Justice has indicted a Moldovan man for his role in “one of the most pernicious malware threats in the world.”

The indictment, unsealed on Tuesday, accuses Andrey Ghinkul of acting as part of a conspiracy that spread a botnet known as Bugat.

The malware package was distributed through email and stole personal and financial information — like online banking credentials — from infected computers. It was specifically designed to evade antivirus protections.


U.S. law enforcement has put a stop to the spread of the malware, but the FBI estimates that at least $10 million in domestic losses can be attributed to Bugat.

According to the indictment, Ghinkul and others caused unauthorized transfers from a Pennsylvania school district’s First National Bank account and a Penneco Oil account at First Commonwealth Bank.

In the case of the transfers from the Penneco Oil account — including one to the tune of $2 million — the company’s account information was allegedly obtained through a phishing email sent to a Penneco Oil employee.

Ghinkul has been charged with criminal conspiracy, unauthorized computer access with intent to defraud, damaging a computer, wire fraud and bank fraud.

He was arrested in August in Cyprus. The U.S. is currently seeking his extradition.