
SpyEye authors headed to prison

The two men responsible for the notorious SpyEye malware, used to steal user information from financial institutions, were sentenced to a combined 24-1/2 years in prison.

Aleksandr "Gribodemon" Andreevich Panin and Hamza "Bx1" Bendelladj – a Russian and an Algerian, respectively – were sentenced for their roles in the creation and distribution of the banking trojan, which was capable of siphoning off data – including usernames, passwords, PIN codes and other personally identifiable information – to be used in accessing online banking systems.

Panin advertised and marketed SpyEye on black market forums, such as Darkode.com. Bendelladj infected hundreds of thousands of computers by blasting out more than a million spam messages embedded with variants of SpyEye. 

"Until dismantled by the FBI, SpyEye was the preeminent malware banking trojan from 2010-2012, used by a global syndicate of cybercriminals to infect over 50 million computers, causing close to $1 billion in financial harm to individuals and financial institutions around the globe," according to a release from the Department of Justice.

The men, both 27, were sentenced in Atlanta by U.S. federal judge Amy Totenberg.

Panin was arrested in Atlanta on July 1, 2013. Bendelladj was nabbed in Bangkok on January 5, 2013, and extradited to the U.S. A third partner, Evgeniy Bogachev, aka Slavik, who allegedly sold the men his original source code, dubbed Zeus, has so far eluded the FBI.

The FBI partnered with private industry and 26 international law enforcement agencies to bring the criminals to justice.

“This sentencing is further testament to the significance of public-private partnerships in helping identify and prosecute cybercriminals,” Ed Cabrera, VP cybersecurity at Trend Micro, told SCMagazine.com in a statement. 

Trend Micro assisted with the investigation, as did Microsoft, Flashpoint, PhishLabs, Dell SecureWorks, Damballa, and a Norwegian security research team known as “Underworld.no.”
