A Long Time Behind Bars
Two architects behind the SpyEye malware attack, which cost the financial industry around $1 billion in losses according to the FBI, have been sentenced to a combined 24 years in prison.
The two, Aleksandr Andreevich Panin of Russian origin and Hamza Bendelladj from Algeria, were better known by their online aliases, Gribodemon and Bx1 respectively. Under these aliases, the two hackers created and distributed virulent software that was at one point the pre-eminent banking Trojan in the world.
The malware, SpyEye, was used by various global groups of cybercriminals who infected more than 50 million machines between 2010 and 2012, according to files shown by the government. The US Attorney for the Northern District of Georgia, John Horn, said, “It is difficult to [overstate] the significance of this case, not only in terms of bringing two prolific computer hackers to justice, but also in disrupting and preventing immeasurable financial losses to individuals and the financial industry around the world.”
The FBI also mentioned that the arrest of the two men had led to a decrease in the number of people complaining of being hacked via the SpyEye malware. The malware was developed to automate the theft of private and confidential personal and financial data: online banking details, credit card information, usernames, passwords, PINs, and other personally identifying information. It inconspicuously infected victims’ computers and gave the cybercriminals control of the infected machines through the command-and-control servers they had obtained.
Course of Action
Once a computer was infected and under their control, the hackers could access information on it without authorization, which put them in a position to steal the user’s personal data and financial information. They used a variety of techniques, including web injects, keystroke loggers and credit card grabbers. The victims’ personal and financial information was then sent back to another computer the cybercriminals controlled, and from there they could access the victims’ financial accounts and steal money from them.
Panin is said to have been the brains behind the SpyEye malware. He developed and distributed it, creating it as a successor to the infamous Zeus malware, which wreaked havoc on financial institutions around the world back in 2009. In November 2010, Panin received the Zeus code from the original developer of that malware, known to be Evgeniy Bogachev, the FBI’s most wanted cybercriminal at the moment. Panin integrated the two pieces of malware and kept the name SpyEye.
The trio, Panin, Bogachev and Bendelladj, all marketed and distributed multiple versions of the malware to criminals through dark web sites such as Darkode. The FBI also claims that thanks to Bendelladj’s arrest the Darkode site fell in 2013.
Bendelladj is also accused of sending more than a million spam emails containing the SpyEye malware to unsuspecting email account users in the US. He also sold add-ons for botnets, such as a spreader, an Automated Transfer System, and web injects. The tools were meant to further the spread of the malware.
Panin and Bendelladj were sentenced to nine years six months and 15 years respectively.
While a good VPN can’t help with everything, it’s definitely a good thing to have so that you can secure your information and privacy in depth.