Threat Management, Malware

SpyEye trojan developer and marketer extradited to U.S. to face charges

One of the masterminds behind the pernicious SpyEye banking trojan has been extradited to the United States, where he will face charges for computer and wire fraud.

Hamza Bendelladj, 24, was charged in 23-count indictment that was returned in December 2011, but only unsealed last week, federal prosecutors announced Friday. He was arrested in January at an airport in Thailand, and was extradited to America last week.

Bendelladj is charged with 11 counts of computer fraud, 10 counts of wire fraud and other conspiracy-related offenses, prosecutors said.

SpyEye first turned up in 2010 and quickly resembled the notorious Zeus trojan for its ability to steal information, particularly bank login credentials, from the users whose computers it infected. The malware, which can be hard to detect by traditional security software, often injects web fields into legitimate banking sites, where attackers secretly steal data that victims enter.

Typically SpyEye has targeted small and midsize businesses, with the goal of obtaining access to their corporate banking accounts. Once in control, the fraudsters siphon off money via unauthorized transfers to accounts under their control or the control of so-called money mules.

There have been prior overseas arrests related to the spread of the trojan.

If convicted, Bendelladj faces decades in prison and fines of up to $14 million.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.