On Dec. 22, a Bulgarian man who was accused of stealing confidential information from two California companies pleaded not guilty. According to the lawsuit, the man, age 44, used sophisticated malware that was specifically designed to obtain banking credentials from computers that had been infected.
It was argued that he attempted to transfer approximately $118,000 from a San Diego company and $738,000 from a furniture collections company in Chula Vista. Both of the attempts were reportedly unsuccessful. Additionally, he attempted to transfer at least $600,000 from two Pennsylvania companies. The malware was allegedly transferred to company computers when employees opened an attachment that was designed to look like a business email. The charges include bank fraud and conspiracy.
He allegedly used a worldwide cybercrime network known as Avalanche to transmit the malware and obtain account information. The network take down was announced in Dec. 1 and lead to at least five people being taken into custody. It is believed that at least 500,000 computers, both business and private, in approximately 190 countries have been infected by Avalanche participants since 2010. When Avalanche was disbanded, 39 computer servers and hundreds of thousands of domains were seized.
These types of federal crimes could result in a lengthy prison sentence and major fines if prosecutors are able to obtain a conviction. When the evidence appears to be strong, a criminal defense attorney representing those who have been accused might seek to obtain an agreement that would involve a plea of guilty to a lesser offense in exchange for a reduced penalty.
Source: ABC News, "Bulgarian Man Pleads Not Guilty in US Cybercrime Case", Joe Mandak, Dec. 22, 2016