A man credited with helping to create the infamous Gozi banking malware has pled guilty in a US court.
Deniss Calovskis, 30, of Latvia was arrested November 2012 and spent 10 months in the Baltic state’s cooler before being extradited to the USA where he’s been behind bars ever since.
Last Friday Calovskis appeared in the US District Court, pled guilty and pledged not to appeal any sentence less than two years, Reuters reports.
“I knew what I was doing was against the law,” Calovskis reportedly said in court.
The criminal coder is said to be the most skilled of the blackhats involved in the Gozi scheme and is said to said to have built web injects that compromise targeting banking portals on Gozi-infected computers.
Calovskis was picked up in 2013 along with Russian national Nikita Kuzmin, Latvian Deniss Calovskis, 27, and 28-year-old Romanian Mihai Ionut Paunescu said to be behind the scam.
Pauneschu has not yet been extradited.
Alleged mastermind Kuzmin pled guilty to hacking and fraud charges in May 2011, while Paunescu is said to have supplied the bulletproof hosting so critical to malware operations.
Gozi turned up in 2007 and used phishing campaigns to infected millions of Windows boxes, inflicting tens of millions of dollars in losses.
The net menace continues with an attack against users in Japan detected last week found to have borrowed Gozi code.
The sting that took the Gozi gang down was a join operation of global law enforcement including the FBI, Latvian State Police; the Romanian Intelligence Service; the Romanian Directorate for Combating Organized Crime; the Romanian Directorate for Investigating Organized Crime and Terrorism, and various prosecuting agencies.