Russian developer known online as ‘Gribodemon’ and ‘Harderman’ gets nine years in US jail, while malware vendor ‘Bx1’ receives 15 years in billion-dollar case.
The Russian creator of a computer program that enabled cybercriminals to infect millions of computers and drain bank accounts in multiple countries has been sentenced to serve nine and half years in a US federal prison.
Aleksandr Andreevich Panin, 27, the inventor of SpyEye who went by aliases “Gribodemon” and “Harderman” online, pleaded guilty to a count of conspiracy to commit bank and wire fraud in January 2014 after reaching a deal with prosecutors.
Prosecutor Steven Grimberg said SpyEye a pre-eminent piece of malware from 2010 to 2012 and was used to infect more than 50m computers, causing nearly $1bn in damage to individuals and financial institutions around the world.
A second man, Hamza Bendelladj, a 27-year-old Algerian known online as “Bx1,” was sentenced to 15 years. Prosecutors said he sold versions of SpyEye online and used the malware to steal financial information.
SpyEye was a type of Trojan virus that secretly implanted itself on victims’ computers to steal sensitive information, including bank account credentials, credit card information, passwords and PINs. Once it took over a computer, it allowed hackers to trick victims into surrendering personal information — including data-grabbing and fake bank account pages. The information was relayed to a command and control server to be used to access victim accounts.
Panin conspired with others to advertise SpyEye in online cybercrime forums and sold versions of the software for prices ranging from $500 to $10,000, FBI Special Agent Mark Ray testified.
SpyEye was more user-friendly than its predecessors, functioning like “a Swiss army knife of hacking” and allowing users to customize it to choose specific methods of gathering personal information, Ray said. Panin is believed to have sold it to at least 150 clients.
Jon Clay with IT security firm Trend Micro, which helped the FBI investigate SpyEye, said the program wasn’t the most sophisticated but had good code and was reasonably priced.
“He had definitely created some capabilities that were not available in some of the other banking Trojans at the time,” Clay said. “That’s why he was pretty popular among the cybercriminal underground.”
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.