Bloomberg News

SpyEye Russian Creator Pleads Guilty in Latest Software Case

January 29, 2014

A Russian man accused of creating SpyEye, malicious software used to drain bank accounts and steal information from 253 financial institutions, pleaded guilty to U.S. fraud charges.

The plea yesterday by Aleksandr Andreevich Panin, 24, is part of a U.S. crackdown on off-the-shelf malicious software and the use of botnets -- networks of computers enslaved by viruses and phishing e-mails. The software, sold online, has helped drive a cyber-crime boom in the U.S. and Europe. Such a product was used to hack into accounts at Target Corp. (TGT:US) and Neiman Marcus Group.

Panin entered his plea to a charge of conspiracy to commit wire and bank fraud before U.S. District Judge Amy Totenberg in Atlanta.

“Given the recent revelations of massive thefts of financial information from large retail stores across the country, Americans do not need to be reminded how devastating it is when cyber criminals surreptitiously install malicious codes on computer networks and then siphon away private information from unsuspecting consumers,” Acting Assistant Attorney General Mythili Raman said in a statement.

$8,500 Program

Panin, who is also known as “Gribodemon,” faced a 23-count indictment over his involvement in sales of SpyEye.

Prosecutors said federal investigators purchased a version of the program for $8,500. Versions were also sold for as little as $1,000, they said.

On June 29, 2010, Panin advertised on the www.darkode.com Internet forum that SpyEye “is a bank Trojan with form grabbing possibility,” meaning malware designed to steal bank information, according to the indictment.

Panin “commercialized the wholesale theft of financial and personal information,” Atlanta U.S. Attorney Sally Quillian Yates said in a statement. “Now he is being held to account for his actions. Cyber criminals be forewarned: you cannot hide in the shadows of the Internet.”

“Botnets such as SpyEye represent one of the most dangerous types of malicious software on the Internet today, which can steal people’s identities and money from their bank accounts without their knowledge,” Ricky Maxwell, acting special agent in charge with the Federal Bureau of Investigation’s Atlanta office, said in a statement.

Online Forums

A co-defendant, Hamza Bendelladj, of Algeria, also known as Bxl, pleaded not guilty in May after being extradited from Thailand.

Panin, also known as “Harderman,” was arrested by U.S. authorities on July 1 while flying through Hartsfield-Jackson Atlanta International Airport, prosecutors said in court filings.

Advertised on invitation-only online forums, the software could be tailored to meet various cyber-crime needs, such as targeting financial information, the U.S. said. Once installed on victims’ computers, the SpyEye malware was monitored and controlled from remote servers, essentially creating “a secret computer network,” according to the indictment. Data from about 1.4 million computers was stolen, prosecutors said.

One of the servers used to target financial institutions in the U.S. and elsewhere was located in Atlanta, according to prosecutors. Federal agents seized the server, allegedly operated by Bendelladj, in February 2011, according to prosecutors. The server purportedly controlled over 200 computers infected with the SpyEye virus.

Prosecutors are seeking forfeiture of any proceeds from the SpyEye scheme but didn’t state an amount in court filings.

Panin is scheduled to be sentenced April 29 and faces a maximum of 30 years in prison.

The case is U.S. v. Bendelladj, 1:11-cr-0557, U.S. District Court, Northern District of Georgia (Atlanta).

To contact the reporters on this story: Christie Smythe in Brooklyn, New York at csmythe1@bloomberg.net; David Beasley in Atlanta federal court at dbeasley3@bloomberg.net

To contact the editor responsible for this story: Michael Hytha at mhytha@bloomberg.net

