SpyEye Malware Hackers Sentenced
Two of the hackers behind the infamous SpyEye malware attack were sentenced last week to a combined 24 years in prison. The attack was responsible for nearly $1 billion in losses in the financial industry around the world, according to the Federal Bureau of Investigation (FBI).
Aleksandr Andreevich Panin of Russia and Hamza Bendelladj of Algeria were perhaps more widely known by their online handles, Gribodemon and Bx1. Under those aliases, the two men helped develop and distribute the virulent software, which at one point was the preeminent banking malware Trojan in the world.
The Biggest Trojan in the World
SpyEye was used by a global syndicate of cybercriminals to infect more than 50 million machines between 2010 and 2012, according to the government. “It is difficult to [overstate] the significance of this case, not only in terms of bringing two prolific computer hackers to justice, but also in disrupting and preventing immeasurable financial losses to individuals and the financial industry around the world,” said John Horn, U.S. Attorney for the Northern District of Georgia, in a statement.
The FBI said the arrest and prosecution of the two men had effectively reduced to zero the threat of users falling victim to SpyEye. The malware was designed to automate the theft of confidential personal and financial information, such as online banking credentials, credit card information, usernames, passwords, PINs, and other personally identifying information.
SpyEye functioned by secretly infecting victims’ computers, enabling cybercriminals to remotely control the infected machines through command and control servers.
Once a computer was infected and under the hackers’ control, cybercriminals remotely accessed the infected computers, without authorization, and stole victims’ personal and financial information through a variety of techniques, including Web injects, keystroke loggers, and credit card grabbers. The victims’ stolen personal and financial data was then surreptitiously transmitted to the command and control servers, where it was used to, among other things, steal money from the victims’ financial accounts.
1 Million Spam E-Mails
Panin was the primary developer and distributor behind SpyEye, according to the FBI. Panin developed SpyEye as a successor to the Zeus malware that had wreaked havoc on financial institutions around the world since 2009. In November 2010, Panin allegedly received the source code to Zeus from another hacker, known as Evgeniy Bogachev, currently the FBI’s most wanted cybercriminal.
Together with Bendelladj, Panin and Bogachev marketed and sold multiple versions of the tool to criminals online through forums such as Darkode. The FBI said Bendelladj’s arrest was one of the major factors contributing to the downfall of Darkode in 2013.
Bendelladj was also accused of sending more than 1 million spam e-mails containing strains of SpyEye and related malware to computers in the United States, as well as developing and selling add-ons for botnets, such as a spreader, Automated Transfer System, and Web injects. Those tools were designed to secretly automate the theft of funds from victims’ bank accounts and to further the spread of malware, including SpyEye and Zeus.
Panin and Bendelladj, both 27, were sentenced in the U.S. District Court for the Northern District of Georgia. Panin was sentenced to nine years, six months in prison, while Bendelladj was sentenced to 15 years.